News

STG Frees Mandiant with $1.2B Agreement To Acquire FireEye Security Products

• By Kurt Mackie
• 06/04/2021

The Symphony Technology Group (STG) and security solutions company FireEye announced the sale this week of FireEye's security products to STG for $1.2 billion.

The all-cash deal eventually will set FireEye's Mandiant security consulting and services side of the business free. However, the two company branches -- FireEye (now under STG) and Mandiant -- will continue to function as one company until the close of the deal, which is expected to occur in Q4 of this year.

Mandiant Separation
The deal will permit Mandiant to offer its consulting services and its Mandiant Advantage security services without having to also sell FireEye's hardware and software security products. This notion was implied by Kevin Mandia, FireEye's current CEO (and future Mandiant CEO) in a June 2 FireEye webcast explaining the deal.

"The transaction will separate FireEye's network, email, endpoint, and cloud security products, and related security management and orchestration platform from Mandiant Solutions' controls-agnostic software and services," Mandia further explained in a FireEye blog post.

Despite the coming separation, the two companies (STG and Mandiant) have signed strategic collaboration and technology-sharing agreements that extend beyond the deal's close.

The dispersion of products after the deal's close was summarized in this slide from the June 2 FireEye presentation:

Culture Clash
FireEye, specialized in hardware security platforms, had initially acquired Mandiant, which offered security expertise and consulting services. However, their cultures didn't align, according to analysts at research and consulting firm Forrester, in a June 3 Forrester blog post. The authors, Jeff Pollard, Brian Kime and Joseph Blankenship, credited FireEye for seeing security trends in advance by acquiring Mandiant. Ultimately, though, selling FireEye solutions was just holding back the Mandiant side of the business.

"The relationship between the two sides of the business was never equal, and eventually, Mandiant recognized that legacy FireEye solutions were holding it back," the analysts indicated.

Mandiant has become prominent of late for its forensics work on some major software breaches and vulnerabilities that made the news. For instance, Mandiant was involved in assessing the compromise of the SolarWinds Orion software. Mandiant also investigated vulnerabilities in the Pulse Connect Secure VPN product. 

The Forrester analysts noted that STG has purchased other security businesses, such as McAfee and certain RSA operations, which they characterized as having been slow in enabling their products as services. The analysts speculated that some sort of product combination and rebrand could later emerge from STG, with FireEye thrown into the mix.

STG, which describes itself as a "private equity partner to market leading companies in data, software, and analytics," suggested that the FireEye acquisition will be an opportunity, given STG's overall security software expertise.

"We are extremely impressed by the FireEye Products business and the mission critical role it plays for its customers," said William Chisholm, STG's managing partner, in a released statement. "We believe that there is enormous untapped opportunity for the business that we are excited to crystallize by leveraging our significant security software sector experience and our market leading carve-out expertise."