FireEye [FEYE] on Jan. 2 said it has acquired Mandiant in a deal valued at $1 billion, creating a cyber security firm with a comprehensive range of solutions and managed services for commercial and government customers.
FireEye, which is based in California, said it closed the acquisition on Dec. 30, 2013, paying $106.5 million in cash and the rest in stock.
Combined with Mandiant, FireEye expects its sales in 2014 to be between $400 million and $410 million versus between $240 million and $250 million without the acquisition.
Investors cheered the deal, sending FireEye’s shares up nearly 39 percent on Jan. 3 to close at $57.09.
For FireEye, the deal provides it with a marquis managed security services brand that provides customers with forensics and incident response expertise. Incident response and professional services currently account for about 2 percent of its sales but in 2014 are projected to contribute between 15 and 17 percent of revenues.
Mandiant is the “gold standard” in incident response and “often is the first call” that is made when there is a serious security breach of an organization,” David DeWalt, chairman and CEO of FireEye, said at the outset of an investor call to discuss the acquisition.
The deal also gives FireEye additional products. Mandiant provides its customers with endpoint-based threat detection products that will complement FireEye’s suite of network-based threat detection products, and its virtual machine-based detection solutions designed to prevent attacks.
Once a network-detection product detects a solution, customers will have endpoint containment, Kevin Mandia, the founder and CEO of Mandiant and now the chief operating officer for FireEye, said on an analyst call to discuss the merger.
DeWalt said with the endpoint products, FireEye is now “closer to the breach when it occurs,” which will also provide a “pull” for its own products into new customers while decreasing the sales cycle. He added that FireEye will now be able to accelerate the deployment of its virtual machine-based detection technology from the network to the endpoint.
“The combined product portfolio will cover all the major attack points within an organization, and our expanded services capacity will allow us to quickly pivot to incident response when necessary to reduce the impact of security breaches,” Mandia said in a statement.
More than 50 percent of Mandiant’s sales are product-related with the remainder generated by its services business.
While the two companies are now merged, they have been working together for the past two years and for nearly a year have provided integrated solutions, some of which are already in use by Fortune 500 companies, DeWalt said.
Andrew Plato, president of the consulting firm Anitian Enterprise Security
, said in a blog post that FireEye’s acquisition of Mandiant brings together “two white-hot superstars of the security industry” and provides a needed boost to FireEye’s technology.
“A FireEye detection system that is seasoned and augmented with intelligence from Mandiant’s investigations would have a significant detection advantage over anybody else in the market,” Plato wrote.
The merger still creates a number of cross-selling opportunities for both companies’ products, DeWalt said. He said FireEye currently has just a 20 percent overlap with Mandiant’s customers while Mandiant has less than 10 percent overlap with FireEye’s.
FireEye’s addressable market expands from $11.6 billion currently to about $30 billion due to the acquisition, according to one of the company’s briefing slides. The addressable market includes endpoint products, cloud offerings, services, and managed defense.
FireEye, which has a footprint in 40 countries, will also open Mandiant’s business to new international opportunities, DeWalt said. More than 95 percent of Mandiant’s sales a currently to customers in the United States, he said.
FireEye, combined with Mandiant, now has nearly 2,000 employees.
Mandiant’s financial adviser on the deal was Qatalyst Partners.