Google To Acquire Mandiant For $5.4 Billion

Alphabet’s Google division is to acquire the veteran cybersecurity specialist Mandiant in a transaction valued at roughly $5.4 billion.

Mandiant and Google announced the deal in separate press releases and said the offer price represents a 57 percent premium of the average price as of 7 February, the last full trading day prior to market speculation regarding a potential sale of the company.

Upon the close of the acquisition, Mandiant will join Google Cloud. It comes after Microsoft last month was reportedly considering a deal to buy Mandiant.

Mandiant acquisition

But Google got there first.

Mandiant is a cybersecurity veteran, having been founded back in 2004. It has more than 600 consultants that respond to thousands of security breaches per year. The firm also has more than 300 intelligence analysts.

The addition of these specialists to the Google Cloud will advanced its security offerings “to better protect and advise customers across their on-premise and cloud environments.”

The acquisition will “complement Google Cloud’s existing strengths in security. Together with Mandiant, Google Cloud will deliver an end-to-end security operations suite with even greater capabilities as well as advisory services helping customers address critical security challenges and stay protected at every stage of the security lifecycle.”

“Cyber security is a mission, and we believe it’s one of the most important of our generation. Google Cloud shares our mission-driven culture to bring security to every organisation,” said Kevin Mandia, CEO, Mandiant.

“Together, we will deliver our expertise and intelligence at scale via the Mandiant Advantage SaaS platform, as part of the Google Cloud security portfolio,” said Mandia. “These efforts will help organizations to effectively, efficiently and continuously manage and configure their complex mix of security products.”

“The Mandiant brand is synonymous with unmatched insights for organisations seeking to keep themselves secure in a constantly changing environment,” added Thomas Kurian, CEO, Google Cloud.

“This is an opportunity to deliver an end-to-end security operations suite and extend one of the best consulting organisations in the world,” said Kurian. “Together we can make a profound impact in securing the cloud, accelerating the adoption of cloud computing, and ultimately make the world safer.”

The acquisition is subject to customary closing conditions.

Outbidding Microsoft

Google’s triumph over Microsoft has meant the firm has had to pay a premium for Mandiant, noted Forrester VP principal analyst Jeff Pollard.

“After divorcing FireEye, Mandiant spent very little time being single as suitors lined up,” said Pollard. “Rumors swirled that Microsoft was the destination, but Google came in and outbid Microsoft for the firm.”

“GCP is playing catchup to Microsoft in cybersecurity and lacks its competitors’ inherent advantages in the enterprise: endpoint and active directory,” Pollard added. “That forces it to pay a premium and be more aggressive, which its signaled a willingness to do.”

“This acquisition adds strong services to GCP’s portfolio and immediately adds expertise to Google Cybersecurity Action Team,” said Pollard. “Mandiant found a matchup with deep pockets as it reinvents itself.”

“But significant gaps remain for the combined entity,” Pollard concluded. “Perhaps the most critical of those gaps is on the enterprise endpoint. GCP relies on EDR to complete its XDR offering, so we expect an EDR tool is next on its shopping list.”

Mandiant history

Founded in 2004, Mandiant has an interesting history in the cybersecurity industry, and for years it specialised in endpoint security, incident response and remediation.

In 2013 it gained recognition when it was able to identify a geographic region inside China where a campaign of information-stealing attacks by a group linked to China’s military was being staged.

In a report on Chinese hackers released in February 2013, Mandiant identified the group within the People’s Liberation Army known as Unit 61398 that was responsible for more than 140 attacks investigated by the firm since 2006.

The report brought together a large body of evidence – more than 3,000 indicators – as well as profiled three individuals who conduct specific duties in the unit.

At the time the Chinese government of course denounced Mandiant’s report, saying it was groundless both in facts and legal basis.

China even claimed that the Chinese IP addresses identified had been spoofed or hijacked.

Soon after that in January 2014 Mandiant was acquired by FireEye in a transaction worth $1 billion, as the later sought to bolster its cyber forensics capabilities.

Mandiant became a standalone entity again in 2021 when FireEye sold its products business and the FireEye name for $1.2 billion to a consortium led by private-equity firm Symphony Technology Group.