Google closed its $5.4 billion Mandiant acquisition today in a move that brings the threat intel and incident response giant under the Google Cloud umbrella.
The two companies first announced the deal – one of Google’s largest purchases – in March after a rumored Microsoft buy fell through. Six months and one shareholder lawsuit later, the two companies’ combined services and products help customers shift to a “more proactive approach” to security operations, according to Google Cloud CEO Thomas Kurian.
“The addition of Mandiant Threat Intelligence – which is compiled by their team of security and intelligence individuals spread across 22 countries, who serve customers located in 80 countries – will give security practitioners greater visibility and expertise from the front lines,” Kurian wrote.
As well as Mandiant’s threat detection and incident response teams, its attack surface management capabilities and security validation service will become part of Google Cloud’s portfolio, he added. The latter uses the company’s threat intel to measure how well an organization’s security controls perform against real-life attacks and hacking techniques, and gives them a score based on their preparedness.
Mandiant will keep its name, and continue to publish threat research that’s available to all, not just Google Cloud customers.
Mandiant, which was the first to uncover the SolarWinds cyberattack and pin it on Russian state-sponsored crooks, has earned a reputation as one of the top threat intelligence firms.
The earlier news that Google Cloud would consume the security biz didn’t find too many fans in the Twitterverse. But now that the deal is done, infosec pundits and practitioners will be watching to see how the merger plays out.
Mandiant founder and CEO Kevin Mandia said the acquisition will make his company “stronger” and better protect organizations from cyberattacks.
“More specifically, we can leverage our intelligence differentiator to automate security operations and validate security effectiveness,” Mandia said.
In an earlier interview with The Register, Google Cloud Security VP Sunil Potti said buying Mandiant, along with the company’s other security investments, fits into the number three cloud provider’s plan to win customers from Amazon and Microsoft.
The move to position Google as a “brand in security” started almost four years ago, even before SolarWinds marked the beginning of this era of wide-reaching supply chain attacks in enterprise IT, Potti said. The ultimate goal, however, remains moving large organizations to Google Cloud.
“Your overall security hygiene dramatically improves if most of your workloads are on a cloud,” Potti said. “That’s our end game, our true north. But along the way, we have to help modernize security because the adversaries are not waiting.” ®