Security analysts expect FireEye’s decision to sell its product business will help accelerate the growth of the company’s current Mandiant software and services division-while bringing some uncertainty to its customers of its network, email, endpoint, and cloud security products .
FireEye announced on Wednesday that it has agreed to sell its product business and brand name to private equity firm Symphony Technology Group (STG) for $1.2 billion. The agreement is expected to be completed by the end of the year and will result in the separation of FireEye’s security products and related management and orchestration technologies from Mandiant’s security intelligence and incident response services business.
After the transaction is completed, it will become an independent Mandiant Solutions company, focusing on a series of security consulting, custodial defense, threat intelligence and verification services. At the same time, FireEye’s products will be included in the broader and rapidly growing portfolio of traditional security products that STG has acquired in recent years.
“Unfortunately, the future of the FireEye product business and its employees and customers is now very uncertain,” said Omdia analyst Eric Parizo.
STG already owns a number of companies, including hybrid cloud security posture management provider Redseal and long-troubled provider RSA Security. STG will also complete its $4 billion acquisition of McAfee’s corporate division later this year.
“In the end, the addition of the FireEye product group will provide STG with a large enterprise security product portfolio, but this product portfolio is redundant in many areas, including endpoint security, SIEM, network forensics, malware sandboxes, etc.,” Parizo Say.
Kevin Mandia, CEO of FireEye and founder of Mandiant, will retain his position as CEO of the new Mandiant. After the transaction is completed, Bryan Palma, currently executive vice president of FireEye, will lead the company. In a blog post on Thursday, Mandia described the planned separation as the best option for both companies, with little disruption to customers.
“A joint reseller agreement will enable the FireEye and Mandiant sales teams to continue to provide our integrated solutions,” Mandia said. He pointed out that Mandiant and FireEye have also established procedures for mutual protection of customer data and ensure that both parties have the resources needed to fulfill their customer commitments.
If approved, the transaction will end what analysts say is an incompatible relationship between FireEye and Mandiant, since the former acquired the latter for approximately $1 billion in December 2013.
“Mandiant’s DNA and FireEye’s DNA are not mixed,” said John Pescatore, director of emerging security trends at the SANS Institute.
Mandiant’s history and advantages are purely as a security service participant, while FireEye’s tradition has always been in the product field. He said that although there have been examples of product companies successfully acquiring and integrating service businesses in the past, for FireEye and Mandiant, there is indeed no such effort.
“After all, they never really merged the two companies,” Pescatto said.
Splitting the business gives Mandiant the opportunity to return to what it does best. Pescatore said that for FireEye, this transaction will provide cash, which can be used to introduce an excellent product management team.
Write on the wall
According to Palizzo, this article has been written on the wall for a long time. He said that FireEye’s product business is a drag on Mandiant’s service business. Mandia and his team are likely to recognize that FireEye’s device-based business provides little prospects for long-term revenue growth. In fact, as of the end of 2020, the bill and revenue of the FireEye product business have fallen by 15% compared to two years ago.
He said that internal friction between FireEye’s product and service departments is increasing.
“There is no doubt that Mandia facilitated the STG transaction,” Palizzo said.
He said that John Watters, the president and COO recently hired by Mandia and FireEye, both have a long history in the service field and hope to get back to their roots by getting rid of the troubled product department.
“I think this will be a strong move for Mandiant in the future,” Parizo added. “The company will be able to focus on providing security services.”
The transaction also expanded STG’s influence in the traditional security product business. S&P Global Market Intelligence Research Director Scott Crawford said that in recent years, the company has made some important acquisitions at relatively low prices by pursuing low-growth but still profitable businesses. For example, if the FireEye transaction is successful, STG will acquire the company at a value slightly higher than 2.2 times its revenue, and the average multiple of secure transactions in the industry is between 7 and 9 times revenue, he said.
Crawford said: “Private equity firms know that these traditional security product areas still have value.”
However, the long-term prospects of the pure security vendors that STG acquired are somewhat vague, as cloud vendors, operational technology vendors, and others are increasingly integrating core security capabilities into their technologies, he said.
Jai Vijayan is an experienced technical journalist with more than 20 years of experience in the IT trade news field. He most recently served as the senior editor of Computerworld, responsible for the information security and data privacy issues of the publication.In the course of his 20 years… view the complete bio