Google Acquires Cyberdefense Firm Mandiant for $5.4B

Tech giant Google is shoring up its cloud security offerings with the $5.4 billion acquisition of security advisory and incident response services specialist Mandiant. 

The company’s dynamic cyberdefense solutions are delivered through the managed multi-vendor XDR platform Mandiant Advantage.

Mandiant’s services will be added to Google Cloud with the aim of offering an end-to-end security operations suite with additional capabilities as well as advisory services.

In a press statement from Mandiant, the company noted that its more than 600 consultants, provided with research from more than 300 intelligence analysts, currently respond to thousands of security breaches each year.

Among its services, the company provides comprehensive incident response, strategic readiness and technical assurance, as well as threat detection and intelligence against advanced adversaries.

Mandiant’s managed detection and response service offerings include continuous monitoring, event triage and threat hunting capabilities that are agnostic to customers’ endpoint and network tooling.

The company’s Advantage SaaS platform, offered with managed services support and powered by the Mandiant Intel Grid, offers the ability to measure, optimize and continuously improve security programs.

Google Shores up Cloud Security With Automated Defense

Google said it plans to integrate Mandiant’s Automated Defense security operations tools within Google Cloud’s Chronicle and Siemplify solutions to help customers analyze, prioritize and streamline threat response.

In addition, Mandiant’s Security Validation continuously validates and measures cybersecurity control effectiveness across cloud and on-premises environments. Integrating those capabilities would complement Google Cloud’s Security Command Center and improve risk management, a company statement said.

The company was founded in 2004 as Red Cliff Consulting, a cybersecurity technology business, and rebranded as Mandiant in 2006. The company evolved into a services organization and was acquired by FireEye in 2012 in a $1 billion deal. It then sold its FireEye product line and name in 2021 and reverted to the Mandiant name.

The company has seen many possible suitors, including IBM and Cisco, in its tumultuous history. There was previous speculation that Microsoft was in the running to buy the company.

Hank Thomas, CEO at Strategic Cyber Ventures, pointed out Mandiant has a very strong brand and reputation for a reason—they are the best of the best at what they do. The acquisition could result in more organizations moving to Google Cloud, said Thomas.

“There is no way this doesn’t convince some people to move to the Google Cloud,” he said. “There will have to be elements of Mandiant that won’t work easily with Google Cloud security requirements, such as their threat intel team. But being tied to Google just might make many of these Mandiant elements stronger at what they do.”

He pointed out that in ten years the industry has gone from an “it’s always safer in the cloud” to a “the cloud is a dangerous swamp” mindset.

“I think that is a better way of viewing any environment where so much sensitive data is being stored and traversing,” Thomas said. “Good marketing won’t make you more secure; acquiring companies like Mandiant will.”

John Bambenek, principal threat hunter at Netenrich, a digital IT and security operations company, added that whether it turns out to be a good or bad deal will depend on how this acquisition is implemented.

“There have been large technology companies who have acquired security companies in the past just to watch those companies and their innovation wither and die,” he said. “I don’t see Google having IR capabilities as being a defining decision point on whether a company goes with GCP versus something else. The question of which cloud infrastructure provider to use is a developer and IT question, not a security question.”

He explained that the growing trend is centralization, so for enterprises, ultimately, there will be fewer vendors to do business with.

“Whether the innovation and expertise Mandiant is known for grows or withers depends entirely on Google’s integration decisions,” Bambenek said.

Mandiant recently created a task force and initiated a global event to track the situation in Ukraine and provide updated insights and guidance to the company’s customers out of concern that the conflict increased the potential for cybersecurity threats to the international community.

The company’s Advantage Automated Defense solution recently earned the Federal Risk and Authorization Management Program’s (FedRAMP) Ready designation at the High impact level.

Google Cloud already provides a broad set of security services, including BeyondCorp Enterprise for zero-trust and VirusTotal for malicious content and software vulnerabilities.

The company’s Chronicle security analytics and automation, coupled with services such as Security Command Center, help organizations detect and protect themselves from cybersecurity threats, with expertise from Google Cloud’s Cybersecurity Action Team adding to the mix. 

 

Nathan Eddy

Nathan Eddy is a Berlin-based filmmaker and freelance journalist specializing in enterprise IT and security issues, health care IT and architecture.
