FireEye Sells Product Business; Focus Shifts to Mandiant Cyber Security, Intelligence Cloud Services

FireEye is doubling down on its vision for cloud-based cyber security and intelligence and its expanding Mandiant Advantage technologies. The updates come as FireEye announced an agreement to sell its FireEye Products business to a consortium led by Symphony Technology Group.

Tags: automation, cloud, FireEye, Mandiant, security, XDR,

Leading enterprise security vendor FireEye is doubling down on its vision for security intelligence as a service, as it focuses on expanding its portfolio of Mandiant Advantage technologies. 


The move comes as FireEye has also reached a definitive agreement to sell its FireEye Products business, including the FireEye name, to a consortium led by Symphony Technology Group. The all-cash transaction has a value of $1.2 billion.  


"We believe this separation will unlock our high-growth Mandiant Solutions business and allow both organizations to better serve customers," said FireEye CEO Kevin Mandia in a statement. 


"After closing, we will be able to concentrate exclusively on scaling our intelligence and frontline expertise through the Mandiant Advantage platform, while the FireEye Products business will be able to prioritize investment on its cloud-first security product portfolio. STG's focus on fueling innovative market leaders in software and cybersecurity makes them an ideal partner for FireEye Products. We look forward to our relationship and collaboration on threat intelligence and expertise," Mandia added. 


Word of the FireEye/STG transaction comes as Mandiant Advantage continues to expand services by introducing the Mandiant Automated Defense Module, which comes with multi-vendor extended defense and response (XDR) capability. 


Mandiant Automated Defense is the latest Mandiant Advantage platform module, joining the Mandiant Threat Intelligence and Mandiant Security Validation modules.


The Mandiant SaaS solution aims to address multiple dimensions of security and access management, with capabilities for managing people, process, and technology challenges faced by cybersecurity defenders in the SOC, according to said Chris Key, Executive Vice President of Products, Mandiant Solutions. 


"Skill shortages, an overwhelming number of alerts, and even misconfigured tools all contribute to the challenges faced by the modern SOC. Our customers have been asking us for technology that embeds Mandiant expertise and intelligence into their environments at scale. Mandiant Automated Defense is another of our products that does just that," Key said in a statement.


In specific, Mandiant Automated Defense allows security analysts to triage alerts from the security stack at machine speed, scale, and consistency using data science and machine learning.


Under the covers, the platform provides support for more than 60 security technologies, cloud platforms and network management tools.


Mandiant offers users a suite of aggregated frontline intelligence and expertise to more effectively and rapidly meet known and emerging threats that can challenge the modern SOC (security operations centers). As an example, "In February 2021 alone, Mandiant Automated Defense reduced more than 52 billion customer alerts to less than 700 prioritized investigations that required attention, significantly reducing time wasted on chasing false positives," Key wrote in a recent blog post. 


Key’s blog further explained how Mandiant Automated Defense "dramatically increases" Mandiant's ability to scale its unique expertise and intelligence as Software delivered through an easy-to-deploy SaaS interface.  

Mandiant Automated Defense, formerly Respond Software's virtual analyst product, enables CISOs and their teams to gain the upper hand in cyber warfare.


The detection and response module combines machine learning with Mandiant's expert threat intelligence to conduct an automated triage process at machine speed, investigating alerts and prioritizing detections while minimizing false positives. This capability enables SOC teams to investigate threats that matter, simplify security operations at scale, and unify your security data to prioritize and focus on the most relevant threats. 


Even organizations with sophisticated security programs struggle to protect against the ever-widening threat landscape and understand and respond to the threats that matter most. 


Mandiant Automated Defense combines with Mandiant Security Validation and Mandiant Threat Intelligence to quickly identify relevant threats and take appropriate action, shifting the focus of the SOC away from controls to four key high-impact areas:

  • Leverage threat intelligence and prioritize the threats that matter most
  • Continuously validate performance of security controls, people, and processes that protect the organization
  • Enhance automation of processes and leverage expert managed services across all capabilities
  • Gain quantifiable metrics that demonstrate a strong security posture to business leadership

By leveraging Mandiant's scalable detection and response capabilities, combined with the ability to measure and prove security effectiveness against the threats that matter most, CISOs can streamline operations and concentrate resources where they will have the greatest likelihood of success. Security leaders can then rationalize their security program by identifying areas where more spending may be needed or areas where costs can be cut without impacting risk. 

Ultimately, Mandiant Automated Defense and the Mandiant Advantage Platform help enable security leaders to give the C-suite confidence that digital assets are protected and compliant.


Also speaking, Jon Oltsik, Senior Principal Analyst and Fellow, Enterprise Strategy Group, said: 


"Enterprises are truly changing the way they manage security operations," said Through Respond Software, Mandiant has added an innovator in security operations that can help enable security teams better serve customers, increase productivity, and achieve better cyber security business outcomes. Mandiant Automated Defense can help customers truly work without boundaries – outside of their current tools and processes."


Going back to the FireEye-STG agreement, STG managing partner William Chisholm said of the deal, "We are extremely impressed by the FireEye Products business and the mission-critical role it plays for its customers. We believe that there is enormous untapped opportunity for the business that we are excited to crystallize by leveraging our significant security software sector experience and our market leading carve-out expertise."