FireEye acquires security instrumentation vendor Verodin
The transaction is valued at approximately $250 million in cash and stock, net of acquired net cash and excluding assumed unvested options
FireEye has announced the acquisition of Verodin, which validates the effectiveness of cyber security controls. The transaction is valued at approximately $250 million in cash and stock, net of acquired net cash and excluding assumed unvested options, based on the closing price of FireEye’s common stock on May 24, 2019. The combination is expected to be accretive to revenue, cash flow from operations and non-GAAP operating income in 2020, and add approximately $20 million to billings in 2019 and more than $70 million to billings in 2020.
The Verodin Security Instrumentation Platform adds new capabilities to the FireEye portfolio by identifying gaps in security effectiveness due to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Equipped with FireEye frontline intelligence, the Verodin platform will measure and test security environments against both known and newly discovered threats, empowering organisations to identify risks in their security controls before a breach occurs, and rapidly adapt their defenses to the evolving threat landscape.
“Security effort does not equal security effectiveness. That is why security-conscious customers red-team their networks – they need the unvarnished truth of how effective their security programs are. Verodin gives us the ability to automate security effectiveness testing using the sophisticated attacks we spend hundreds of thousands of hours responding to, and provides a systematic, quantifiable, and continuous approach to security program validation,” said Kevin Mandia, chief executive officer at FireEye. “We believe there is no better way to train people and instrument better security than by continually attacking the environment and adapting security controls to the real threats. Finally, organisations will have a reliable and consistent way to quantify cyber risk in a manner understandable to frontline technicians and in the board room.”
“Cyber security today is based on assumptions – that technologies work as vendors claim, products are deployed and configured correctly, processes are fully effective, and changes to the environment are properly understood, communicated and implemented. However, the reality is much different for almost every organisation and often they discover this only after being on the wrong side of a breach,” said Chris Key, Verodin co-founder and chief executive officer prior to the acquisition. “By joining FireEye, Verodin extends its ability to help customers take a proactive approach to understanding and mitigating the unique risks, inefficiencies and vulnerabilities in their environments.”
Verodin will integrate with FireEye Helix security orchestration capabilities to help customers prioritise and automate continuous improvement of security controls. Customers will also be able to implement Verodin cyber security measurement and validation solutions 'as-a-service' through the FireEye Managed Defense service and as an Expertise On Demand automated service.Verodin solutions will continue to be available on a standalone basis through Verodin resellers, as well as through the global community of FireEye channel partners.