Skip to content

Search the site

Google snatches Mandiant from under Microsoft's nose in $5.4b deal

Google has agreed to buy Mandiant for $5.4 billion in cash -- a move that startled many market watchers after months of speculation that Microsoft was close to acquiring the cybersecurity company.

The move comes just one year after Mandiant regained its independence, with FireEye in October 2021 selling its own network, endpoint, and email security product business to private equity fund Symphony Technology Group (STG) for $1.2 billion, making Mandiant's SaaS platform more vendor-agnostic.

Mandiant will now join Google Cloud when the deal closes.

Cloud security remains a hugely growing market as application migrations and new cloud-native application creation by large enterprise continues apace and Google said in a March 8 press release that the deal would enhance its existing suite of cloud security offerings to "deliver an end-to-end security operations suite with even greater capabilities to support customers across their cloud and on-premise environments.

The deal pulls one of the most respected incident response companies into the arms of a corporation regularly satirised for killing products and as such, was met with some dismay by many in the security community. (Google's own "independent" security startup Chronicle, launched in 2018, was folded into Google Cloud less than 18 months after its launch with its CEO, CSO and CTO all leaving in the wake of that decision.)

Google buys Mandiant. What now?

"Organizations around the world are facing unprecedented cybersecurity challenges as the sophistication and severity of attacks that were previously used to target major governments are now being used to target companies in every industry,” said Thomas Kurian, CEO, Google Cloud, making his largest deal to-date.

He added: “We look forward to welcoming Mandiant to Google Cloud to further enhance our security operations suite and advisory services, and help customers address their most important security challenges.”

“There has never been a more critical time in cybersecurity. Since our founding in 2004, Mandiant’s mission has been to combat cyber attacks and protect our customers from the latest threats,” said Kevin Mandia, CEO, Mandiant, adding: "Together, we will deliver expertise and intelligence at scale, changing the security industry.”

Mandia, who was FireEye CEO from June 2016 through September 2021, grew Mandiant to nearly 500 employees and more than $100 million in revenue. Before Mandiant, he was the Director of Computer Forensics at Foundstone (acquired by McAfee Corporation) from 2000 to 2003. He was previously a US Air Force Officer, serving as a computer security officer in the 7th Communications Group at the Pentagon. Neither Mandiant nor Google's releases revealed any details about his future or that of the Mandiant executive team.

Forrester's analysts had noted after Mandiant's new independent that it "seems to be in position to continue its forward momentum by streamlining itself", adding that the company had "struggled to sell its 'controls agnostic' services while attached to the FireEye brand. That is now a solved problem. The split will also allow Mandiant to capitalize on its intelligence-driven services and grow the Managed Defense business, satisfying one of its clients’ most frequent requests in our recent Wave evaluation on the MDR space. By opening up more to monitoring and managing any vendor’s security controls, the cyberthreat intelligence teams will benefit from increased visibility into the global threat landscape. As Kevin Mandia said, this removes all bias from Mandiant."

It was a short-lived idea...

See also: Google sued over location data harvesting, as Attorney General alleges “dark patterns”