ronstik - stock.adobe.com

Google buys Mandiant for £4bn

Acquisition will see cyber defence and threat intelligence specialist folded into Google Cloud’s security suite

Barely six months after splitting from its former cohort FireEye, frontline cyber defence and threat intelligence powerhouse Mandiant is to be acquired by Google for $5.4bn (£4.1bn/€5bn) in an all-cash deal that will ultimately see the organisation folded into Google Cloud.

With an 18-year history, more than 600 consultants on call, responding to thousands of incidents every year, and over 300 analysts working on cutting-edge security research to power its managed extended detection and response (XDR) platform, Mandiant is long established as a key player in incident response, and as a frequent and vocal contributor to the cyber community.

Over the years, its researchers have often found themselves at the centre of high-profile cyber incidents – in 2021 it played a significant role in shining a light on the threat actors behind ransomware gangs including Maze and the Darkside affiliate which held up the Colonial Pipeline, as well as the widespread Microsoft Exchange attacks, among many others. At the end of 2020, Mandiant also played a pivotal role in the discovery and investigation of the SolarWinds Orion incident.

“Cyber security is a mission, and we believe it’s one of the most important of our generation,” said Mandiant CEO Kevin Mandia, who founded the eponymous company in 2004 after a career in the US Air Force. “Google Cloud shares our mission-driven culture to bring security to every organisation.

“Together, we will deliver our expertise and intelligence at scale via the Mandiant Advantage SaaS platform, as part of the Google Cloud security portfolio. These efforts will help organisations to effectively, efficiently and continuously manage and configure their complex mix of security products.”

Google said the acquisition would complement Google Cloud’s existing strengths in security, enabling it to deliver an end-to-end security ops suite with enhanced capabilities and advisory services to help customers to address critical security challenges.

It claimed the purchase “underscores [its] commitment to advancing its security offerings to better protect and advise customers across their on-premise and cloud environments”.

Google Cloud CEO Thomas Kurian added: “The Mandiant brand is synonymous with unmatched insights for organisations seeking to keep themselves secure in a constantly changing environment.

“This is an opportunity to deliver an end-to-end security operations suite and extend one of the best consulting organisations in the world. Together, we can make a profound impact in securing the cloud, accelerating the adoption of cloud computing, and ultimately make the world safer.”

The acquisition is expected to close later in 2022 subject to the usual round of regulatory hoops being cleared.

Meanwhile, Mandiant’s former colleagues at FireEye, who were sold off to private equity house Symphony last summer, now form part of the recently established Trellix business. Like Mandiant an XDR specialist at its core, Trellix also incorporates parts of the former enterprise unit of the eponymous McAfee business.

Symphony supposedly has plans to relaunch McAfee's secure service edge (SSE) portfolio, including cloud access security broker (CASB) services, secure web gateway (SWG) and zero-trust network access (ZTNA), as a separate entity in the spring of 2022.

Read more on Antivirus, firewall and IDS products

CIO
Security
Networking
Data Center
Data Management
Close