Connect with us

Hi, what are you looking for?


Network Security

FireEye to Acquire Network Forensics Firm nPulse Technologies in $70 Million Deal

FireEye, a provider of threat prevention solutions, announced on Tuesday that it has agreed to acquire privately-held nPulse Technologies, a provider of network forensics solutions, for roughly $60 million in cash and $10 million stock.

FireEye, a provider of threat prevention solutions, announced on Tuesday that it has agreed to acquire privately-held nPulse Technologies, a provider of network forensics solutions, for roughly $60 million in cash and $10 million stock.

While the acquisition is significantly smaller than the roughly $1 billion deal to acquire mandiant, the technology gained will play an important role in FireEye’s overall product offering.

FireEyeIn an interview with SecurityWeek earlier this year, Tim Sullivan, President and Chief Executive Officer of nPulse Technologies, explained what the company actually does:

“nPulse Technologies does full packet capture. Consider it as a DVR for your network,” Sullivan said. “Say you’re watching a sports event such as soccer and want to see if the players hit a foul or if the ball went above the line – you’d go to the recording to validate. That’s the role we’re providing for security professionals. Security professionals are receiving alerts from firewalls, IDS, IPS and they need to go back in time – from the alert, which is the meta-data, to the actual data which is the packets. We provide the haystack and the tools to extract the needle from it.”

Bringing nPulse into the picture will give FireEye customers visibility into the entire attack lifecycle – from network intrusion to endpoint exploitation and lateral movement.

“If we want a longer term historical perspective on what may have happened with a breach in a network, we’ve got to have that data stored somewhere, but we need to be able to ask questions quickly if it’s going to be effective and useful to a security operations center every day,” Dave Merkel, CTO of FireEye, told SecurityWeek on Tuesday.

“The new reality of security is that every organization has some piece of malicious code within their network,” David DeWalt, Chairman of the Board and Chief Executive Officer of FireEye, said in a statement. “The more important question is has that code been able to execute any compromising activity that puts the organization at risk, and if so, what data left the network?”

When combined with the endpoint products recently-acquired from Mandiant, FireEye says it will be able to offer customers Enterprise Forensics capabilities across both gateway and endpoint nodes.

Advertisement. Scroll to continue reading.

“With the addition of deep analytic capabilities, FireEye will continue to redefine the security architecture, providing customers with a single security platform that delivers precise alerts with detailed forensic data on the full scope of an attack,” the company said.

nPulse also complements the existing FireEye web and email products by augmenting FireEye’s MVX technology with deep analytics.

Founded in 2006 by Randy Caldejon, nPulse originated as a special high performance computing project for in U.S. Intelligence community, after one of the major Intel agencies asked Caldejon if he could build for them a 10GB full packet capture, according to Sullivan.

Taking just $3 Million in funding since inception, the company has since designed a solution that performs at 10 Gbps full duplex and provides capture, inspection, and exposes indications of compromise within minutes.

In addition caputring to full packet capture at high speeds, nPulse is able to index them in real-time, enabling big-data analytics and rapid search capabilities paired with layer seven visibility.

For the Mandiant services team, the addition of of nPulse’s network forensics solution will result in faster incident response capabilities and enable more detailed data for the Managed Defense service, the company said.

“When we established a partnership with FireEye, our customers immediately realized the value of having comprehensive threat information in one central dashboard,” Sullivan said. “As the security industry evolves, customers are looking for one trusted partner to provide a comprehensive solution that provides threat data as well as a path to remediation. We’re looking forward to joining the FireEye team and helping to transform the security industry.”

Shares of FireEye, which topped $97 per share in early March, have plummeted over the past few months, closing at $37.13 at the close of trading Tuesday.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...