Google to Acquire Mandiant; EDR Acquisition Next?

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Google today announced that it has agreed to acquire Mandiant for roughly $5.4 billion to bolster its cloud security.

Google noted that Google Cloud already offers a number of security services, including BeyondCorp Enterprise for Zero Trust, VirusTotal for malicious content and software vulnerabilities, Chronicle security analytics and automation and the Security Command Center risk management platform in addition to the company’s Cybersecurity Action Team.

With Mandiant, Google broadens its offerings with an XDR platform, threat intelligence, incident response, automation and managed detection and response (MDR).

“Organizations around the world are facing unprecedented cybersecurity challenges as the sophistication and severity of attacks that were previously used to target major governments are now being used to target companies in every industry,” Google Cloud CEO Thomas Kurian said in a statement. “We look forward to welcoming Mandiant to Google Cloud to further enhance our security operations suite and advisory services, and help customers address their most important security challenges.”

“There has never been a more critical time in cybersecurity,” stated Mandiant CEO Kevin Mandia. “Since our founding in 2004, Mandiant’s mission has been to combat cyber attacks and protect our customers from the latest threats. To that end, we are thrilled to be joining forces with Google Cloud. Together, we will deliver expertise and intelligence at scale, changing the security industry.”

Google envisions its security operations providing a central point of intelligence, analysis and operations across on-premises environments, Google Cloud and other cloud providers in multi-cloud environments.

“Google Cloud is deeply committed to supporting the technology partners of both companies, including the endpoint ecosystem,” the company stated. “This acquisition will enable system integrators, resellers and managed security service providers to offer broader solutions to customers.”

The merger is expected to close later this year.

Also read: SIEM vs. SOAR vs. XDR: What Are The Differences?

Catching Up to Microsoft

There were reports that Microsoft was also interested in acquiring Mandiant, only to be outbid by Google.

That’s a good thing for Google, notes Forrester VP and Principal Analyst Jeff Pollard.

Pollard said Google Cloud “is playing catchup to Microsoft in cybersecurity and lacks its competitors’ inherent advantages in the enterprise: endpoint and active directory. That forces it to pay a premium and be more aggressive, which it signaled a willingness to do.”

He added that “significant gaps remain for the combined entity. Perhaps the most critical of those gaps is on the enterprise endpoint. GCP relies on EDR to complete its XDR offering, so we expect an EDR tool is next on its shopping list.”

Also read: Top Endpoint Detection & Response (EDR) Solutions

Another Major Change for Mandiant

It’s been a tumultuous year for Mandiant, which split with FireEye last year. As Pollard put it, “After divorcing FireEye, Mandiant spent very little time being single as suitors lined up.”

FireEye then merged with McAfee’s enterprise business, and in January the merged entity was renamed Trellix, a name previously associated with Mandiant.

But even the FireEye-McAfee merger isn’t quite done yet, as McAfee’s enterprise cloud business will be spun off into a separate as-yet-to-be-named company.

Read next: Top Cybersecurity Companies for 2022

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Paul Shread Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.




Top Cybersecurity Companies

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis