FireEye has entered into a definitive agreement to sell its products business and name to a consortium led by private equity tech investor Symphony in a $1.2bn, all-cash transaction that will see the threat intelligence unit Mandiant – which it bought in 2013 – spun out.
The deal, which will supposedly close by the end of 2021 subject to the usual hoops being jumped through, will separate the FireEye portfolio of network, email, endpoint and cloud security solutions, and its management and orchestration platform, from Mandiant’s control-agnostic software and services.
The company said this would enable both organisations to accelerate their growth, pursue new go-to-market strategies, and refocus innovation. Both will continue to operate as a single entity until the deal is signed.
“We believe this separation will unlock our high-growth Mandiant Solutions business and allow both organisations to better serve customers,” said FireEye CEO Kevin Mandia, who set up the eponymous Mandiant in 2004 following a career in the US armed forces, part of it spent at the Air Force Office of Special Investigations.
“After closing, we will be able to concentrate exclusively on scaling our intelligence and frontline expertise through the Mandiant Advantage platform, while the FireEye Products business will be able to prioritise investment on its cloud-first security product portfolio.”
Symphony, which has other interests in cyber including McAfee’s enterprise business and RSA Security, said it had been impressed by the FireEye business and the mission-critical role it has taken on on behalf of its customers. Managing partner William Chisholm said: “We believe that there is enormous untapped opportunity for the business that we are excited to crystallise by leveraging our significant security software sector experience and our market-leading carve-out expertise.”
Mandia added: “STG’s focus on fuelling innovative market leaders in software and cyber security makes them an ideal partner for FireEye Products. We look forward to our relationship and collaboration on threat intelligence and expertise.”
Mandiant is a significant force in cyber intelligence and investigation, which is provided to users through its open Advantage software-as-a-service (SaaS) platform, giving customers of all sizes access to current threat intel data and tips, automated alert investigations and prioritisation, and security control product assessment.
Over the years, its in-house research team has frequently found itself at the centre of high-profile cyber incidents – in the past year alone it has played a significant role in shining a light on the threat actors behind ransomware gangs including Maze and the Darkside affiliate which held up Colonial Pipeline, as well as the widespread Microsoft Exchange attacks, among many others. It also played a pivotal role in the discovery and investigation of the SolarWinds Orion incident.