Revenge of the SaaS: Mandiant makes use of companies to flee FireEye

Revenge of the SaaS: Mandiant makes use of companies to flee FireEye

Mandiant has untangled itself from FireEye (FEYE) by promoting the product portion of the agency to Symphony Expertise Group (STG) for $1.2 billion. FireEye’s historical past as probably the most “nearly acquired vendor” is lastly over as STG takes the reins.

Picture: putilich/Getty Photographs/iStockphoto

In a cybersecurity divorce that had fewer main indicators than the dissolution of Kim and Kanye, Mandiant has lastly untangled itself from FireEye (FEYE) by promoting the product portion of the agency to Symphony Expertise Group (STG) for $1.2 billion. FireEye’s historical past as probably the most “nearly acquired vendor” is lastly over as STG takes the reins. The lengthy and winding saga of two firms that by no means ought to’ve been put collectively will come to a detailed in This fall of 2021. 

A tradition conflict from day one 

The FireEye and Mandiant cultures by no means really meshed. FireEye personnel had been masters of {hardware} gross sales, whereas Mandiant cultivated a tradition of experience and mastery. Each teams earned their swagger, however the dream crew envisioned by no means materialized. This misalignment was by no means really rectified, and the harm was achieved with the post-acquisition mind drain resulting in a Mandiant diaspora of launching startups, operating different safety firms, and main safety packages as chief info safety officers. FireEye personnel exited simply as rapidly, doing a lot of the identical. 

When FEYE purchased Mandiant, it was a cybersecurity darling that had simply had a profitable IPO, with a inventory worth that shot up 80% above its IPO debut, and immediately grew to become one of many main innovators within the cybersecurity area. On the time, FEYE was at the vanguard of a safety renaissance, a “new vendor” with a brand new strategy that emerged as an alternative choice to the antivirus-heavy safety distributors of the prior decade. However all too quickly, the highlight FireEye relished turned far too intense. Monetary losses, missed alternatives, and merchandise that had been good however by no means displaced incumbents weighed the seller down. Mandiant gained its personal fame with the discharge of the APT1 report and have become one in every of a handful of go-to incident response companies, having responded to a number of intrusions by state-nexus actors. 

FireEye by no means grew to become the seller it was alleged to be 

FEYE’s portfolio included safety {hardware} that sat throughout nearly the whole expertise stack, however these gadgets by no means really displaced different controls. Firewalls nonetheless exist, and sandbox performance grew to become a function of them. FEYE’s different choices reminiscent of TAP and Helix by no means took over the safety analytics or safety orchestration, automation, and response (SOAR) area both. The corporate consistently looked for the dominance Mandiant loved over the incident response market, however finally by no means discovered it. Whereas the merchandise did not get hold of a dominant place out there, Mandiant slowly started to reinvent itself via legacy companies and software program as a service (SaaS). 

FireEye’s historical past of seeing the place the markets are going effectively earlier than others is maybe the factor it needs to be remembered most for. Along with snapping up Mandiant, FireEye additionally acquired one of many earlier cyberthreat intelligence companies—iSIGHT Companions—which joined forces with Mandiant’s crew. It acquired an early SOAR participant in Invotas (now Helix) and purchased Reply Software program. However seeing what’s coming and appearing early is not enough, and in all these instances, FireEye merchandise by no means grew to become must-haves. Whereas, throughout the identical time-frame, the Mandiant facet of the enterprise largely excelled, putting in a number of Forrester Wave™ evaluations as a Chief, FireEye safety merchandise didn’t fare as effectively in our evaluations. The connection between the 2 sides of the enterprise was by no means equal, and finally, Mandiant acknowledged that legacy FireEye options had been holding it again. 

Mandiant discovered itself making FireEye merchandise “work” for shoppers 

In a number of earnings calls all through 2020, Kevin Mandia talked about that the corporate was dedicated to shifting off a FEYE-only ecosystem of merchandise inside its companies apply. The sale to STG actually proved that to be true, so no half measures there. Mandiant was capable of finding momentum via SaaS choices reminiscent of Mandiant Safety Validation, Mandiant Benefit Risk Intelligence, Mandiant Managed Detection and Response, and its legacy incident response enterprise. The safety market now values the power to combine far greater than the power to bundle, though combining each works, too. 

Providers shedding merchandise will not be the norm 

Typically in M&A transactions like this, the product vendor buys the companies vendor. Larger margins, more money move, and better multiples places software program and SaaS firms in a greater place to purchase companies firms than vice versa. However we have seen — and written about — the growing variety of firms launching with companies wrapped round their very own IP in managed detection and response (MDR), cybersecurity consulting, and managed safety service markets. Managed SaaS or bundled options that embody “managed platforms” are the trend and can proceed to be. The economics of SaaS are compelling for distributors — and consumers — however SaaS is only a product hosted some place else by another person. Safety groups nonetheless use the answer. By layering a managed safety service functionality on high of SaaS and promoting bundles, distributors and finish customers get one of the best of each worlds. 

Very similar to FireEye’s strikes into SOAR, or its more moderen early transfer within the breach and assault area via the acquisition of Verodin (now often known as Mandiant Safety Validation), the corporate continues to make the proper strikes effectively earlier than opponents. Simply because these strikes didn’t all the time pan out doesn’t suggest they had been unhealthy decisions, they usually acted as catalysts for opponents to do the identical. 

STG is aware of one thing we do not—or thinks it does 

Regardless of the causes STG acquired McAfee, RSA, and now FireEye, every of these distributors represents a as soon as proud safety model that discovered itself failing to maneuver to the cloud and pivoting far too late to SaaS, then watching its market share disappear to opponents. The capital benefits of those acquisitions have to be monumental, or the personal fairness agency has confidence that it might probably put these damaged firms again collectively. Maybe STG plans to create some kind of cybersecurity tremendous group paying homage to the Rattling Yankees. 

STG has both added to its assortment of billion-dollar boat anchors or has set the stage for a tremendous comeback story. It actually would not lack ambition. The seemingly consequence is a pared-down product portfolio vendor, an thrilling new rebranding announcement in 18–24 months, and the IPO of an modern safety firm that all of us should not bear in mind as the hardly stitched-together elements of McAfee, RSA, and FireEye. 

Mandiant will profit from divesting of its acquirer 

For finish consumer safety leaders who need to see how this performs out, Mandiant appears to be in place to proceed its ahead momentum by streamlining itself. Mandiant struggled to promote its “controls agnostic” companies whereas connected to the FireEye model. That’s now a solved downside. The break up will even enable Mandiant to capitalize on its intelligence-driven companies and develop the Managed Protection enterprise, satisfying one in every of its shoppers’ most frequent requests in our current Wave analysis on the MDR area. By opening up extra to monitoring and managing any vendor’s safety controls, the cyberthreat intelligence groups will profit from elevated visibility into the worldwide menace panorama. As Kevin Mandia mentioned, this removes all bias from Mandiant. 

FEYE advantages from the checking account of STG and its removing from the investor highlight because it retools. The danger is that it will get merged and saddled with some Frankenstein creation that features McAfee and RSA, which is unlikely to resolve extra issues than it creates. FireEye does shine when in comparison with STG’s different two big-brand cybersecurity “has-beens.” Being one of the best participant on a nasty crew, nonetheless, nonetheless implies that you lose most of your video games. Up to now, PE acquisitions of cybersecurity firms has resulted in loads of exercise for buyers however little, if any, innovation for finish customers. 

In 5 years, we anticipate to see Mandiant as a extremely recognizable safety model, whereas FireEye will seemingly get positioned in a renamed IPO stuffed with “synergies” … for buyers. 

This publish was written by Vice President and Principal Analyst Jeff Pollard, and it initially appeared right here.  

Additionally see

Source link