Google to Acquire Mandiant for $5.4 Billion in Cash

Google on Tuesday said it has agreed to acquire cybersecurity firm Mandiant in an all-cash deal valued at roughly $5.4 billion.

The official announcement came shortly after rumors of Google’s interest in the security firm emerged Monday. 

Trading of Mandiant shares were halted late Monday after reports of Google’s interest. 

Less than a month after news surfaced that Microsoft was interested in buying Mandiant at a price tag in the range of $4 billion, Google stepped in to acquire the threat intelligence and incident response company credited for discovering the Solarwinds supply chain compromise.

Considered a premier incident response firm tracking advanced nation-state threat group activity, Mandiant was originally acquired by FireEye in December 2013. The two firms were split apart in late 2021 in a $1.2 billion private equity transaction that separated the Mandiant Solutions unit from FireEye’s endpoint protection and cloud security product.

Google is investing in cybersecurity to drive its cloud computing portfolio, and has beefed up its own security lineup with the recent acquisition of Siemplify to add to the Chronicle SIEM platform and the VirusTotal malware analysis platform.

Upon the close of the acquisition, Mandiant will join Google Cloud.

“Google Cloud offers customers a robust set of services including pioneering capabilities such as BeyondCorp Enterprise for Zero Trust and VirusTotal for malicious content and software vulnerabilities; Chronicle’s planet-scale security analytics and automation coupled with services such as Security Command Center to help organizations detect and protect themselves from cyber threats; as well as expertise from Google Cloud’s Cybersecurity Action Team,” Google said.

Mandiant has more than 600 consultants and 300 intelligence analysts that respond to thousands of security incidents each year, including many of the highest profile attacks. 

“After divorcing FireEye, Mandiant spent very little time being single as suitors lined up,” said Forrester VP and Principal Analyst Jeff Pollard. “Rumors swirled that Microsoft was the destination, but Google came in and outbid Microsoft for the firm. GCP [Google Cloud Platform] is playing catchup to Microsoft in cybersecurity and lacks its competitors’ inherent advantages in the enterprise: endpoint and active directory. That forces it to pay a premium and be more aggressive, which its signaled a willingness to do.” 

“This acquisition adds strong services to GCP’s portfolio and immediately adds expertise to Google Cybersecurity Action Team,” Pollard added. “Mandiant found a matchup with deep pockets as it reinvents itself. But significant gaps remain for the combined entity. Perhaps the most critical of those gaps is on the enterprise endpoint. GCP relies on EDR to complete its XDR offering, so we expect an EDR tool is next on its shopping list.” 

Under the terms of the agreement, Google will pay $23.00 per share of Mandiant, totalling approximately $5.4 billion, inclusive of Mandiant’s net cash.

The acquisition is subject to customary closing conditions and is expected to close later this year.

The cybersecurity industry has seen record activity in terms of funding and merger and acquisitions (M&A) recently. According to a study conducted by SecurityWeek, more than 430 cybersecurity-related mergers and acquisitions were announced in 2021.

*Updated commentary