Kevin Mandia, Mandiant CEO (left) and Thomas Kurian, Google Cloud CEO (right)          Source: Google 

Google today completed its Mandiant acquisition. The cyber defense and response vendor will join Google Cloud while retaining its brand. 

The tech giant announced in March that it was buying Mandiant for $23 per share in an all-cash deal valued at around $5.4 billion. Analysts expected the deal to exemplify Google’s ambitions in the cybersecurity market and better its position to compete with Microsoft and Amazon Web Services (AWS) over cloud security.

“Combining Google Cloud’s existing security portfolio with Mandiant’s leading cyber threat intelligence will allow us to deliver a security operations suite to help enterprises globally stay protected at every stage of the security lifecycle,” Google Cloud CEO Thomas Kurian wrote in a blog post.

Kurian highlighted Mandiant’s threat intelligence team, its detection and response capabilities, and its threat research. Combined with Google’s data processing, artificial intelligence, and machine learning capabilities, the pair will support Google Cloud customers and other organizations to meet their security requirements in the rapidly changing world, he claims. 

“As part of Google Cloud, Mandiant now has a far greater capability to close the security gap created by a growing number of adversaries,” Mandiant CEO Kevin Mandia wrote in a blog post.

“By combining our expertise and intelligence with the scale and resources of Google Cloud, we can make a far greater difference in preventing and countering cyber attacks, while pinpointing new ways to hold adversaries accountable,” he added.

Despite it being now part of Google Cloud, “Mandiant is not going away – in fact, it’s getting stronger,” Mandia wrote, who remains in the Mandiant CEO role. 

Mandia previously served as CEO of FireEye from June 2016 through September 2021. FireEye bought Mandiant for about $1 billion in early 2014. Last year, it announced plans to reposition its Mandiant threat intelligence and incident response arm as an independent company. And Mandiant changed its name back and became a publicly-traded company. 

As founder and CEO, Mandia led Mandiant to grow to nearly 500 employees and more than $100 million in revenue, according to the vendor. Its threat intelligence team includes security and intelligence experts from 22 countries, serving customers located in 80 countries and powering its Mandiant Advantage managed multi-vendor extended detection and response (XDR) platform. 

Analysts agree that Google Cloud might be a better match for Mandiant than FireEye. 

Google can offer scalability and economies of scale through the cloud that FireEye couldn’t, Neil MacDonald, VP and distinguished analyst at Gartner, told SDxCentral in an earlier interview.

Analysts also expect Google to continue its security shopping spree as cloud giants continue to fight over security.

Microsoft Azure rolled out a SIEM tool called Azure Sentinel in 2019 and then simplified its XDR platforms under its Defender brand. Microsoft also last summer acquired RiskIQ, including its attack surface visibility and threat intelligence capabilities. 

Both Kurian and Mandia expect the Google Cloud and Mandiant integration will advance the shared fate model, which calls to take an active role in cybersecurity and help customers find potential threats before they become an incident.

“By adding Mandiant’s attack surface management capabilities to Google Cloud’s portfolio, organizations will be able to continually monitor assets for exposures, enabling intelligence and red teams to move security programs from reactive to proactive to understand what’s vulnerable, misconfigured, and exposed,” Kurian wrote.

He added that Mandiant’s security validation capabilities can help organizations “continuously validate and measure the effectiveness of their cybersecurity controls across cloud and on-premise environments.”

Additionally, Google’s Autonomic Security Operations plus Mandiant’s global expertise in incident response can strengthen Google Cloud’s security operations suite as a central point of intelligence, analysis, and operations across hybrid and multi-cloud environments, according to Kurian.