Google plans to let Mandiant be Mandiant
Add Axios as your preferred source to
see more of our stories on Google.
Google Cloud CISO Phil Venables. Photo illustration: Shoshana Gordon/Axios; Photo: Aaron P. Bernstein/Bloomberg via Getty Images
Google may be the new owner of Mandiant, but it has no plans to swallow up the incident response firm's products or brand in its own offerings, a top Google security executive tells Axios.
Driving the news: Google unveiled a suite of new cloud security products today at its Google Cloud Next conference that incorporate Mandiant's incident response tools — marking the first preview of what a Google-run Mandiant will look like.
Catch up quick: Google announced its roughly $5.4 billion bid in March to purchase Mandiant, the cyber incident response firm known for first detecting the SolarWinds cyber espionage campaign in which Russian hackers breached at least nine federal agencies.
- Mandiant, which spun out of FireEye in 2021, had reportedly been in talks with Microsoft before sealing the deal with Google earlier this year.
- Mandiant CEO Kevin Mandia told reporters the deal with Google will allow his company to better help customers no matter whose security tools they use since Google's team investigates threats across product types.
The big picture: Mandiant will live on as a separate brand inside of its new parent company, Google Cloud CISO Phil Venables told Axios ahead of today's announcements. Mandia will continue as CEO, reporting to Google Cloud CEO Thomas Kurian.
- Mandiant customers will not be required to become Google customers, Venables said, although he hopes they will willingly become Google Cloud customers over time.
- Mandiant will not share with Google any proprietary information that it comes across while helping a company recover from ransomware, nation-state cyberattacks or other cybersecurity incidents, Venables said.
Details: Google has a dual-pronged strategy with Mandiant. On one side, Mandiant is continuing to offer its own standalone incident response products. On the other, more Google Cloud security products will embed Mandiant's incident response tools.
- One of the new products Google Cloud announced today, Chronicle Security Operations, will bundle several products into one hub, including incident response and threat intelligence products from Mandiant; security automation tools from security firm Siemplify, which Google also recently acquired; and Google's existing Chronicle event management tools.
Between the lines: Google, much like other Big Tech companies, has a reputation for acquiring competitors before they become big themselves. But Venables said this deal will instead create more competition in the cybersecurity space.
- "There's a little bit of a sigh of relief that there is going to be some competition to the other company that typically serves government," Venables said of Washington's reaction to the deal. (Microsoft's office productivity software has 85% of the government market, per the Computer & Communications Industry Association.)
What's next: Employees on Google's existing security teams and Mandiant have already started collaborating on threat intelligence research, which Venables hopes translates into stronger Google products down the line.
- "It's not this kind of little acquisition," Venables said. "It's this big part of our ongoing security transformation in terms of building a much bigger security business."
Sign up for Axios’ cybersecurity newsletter Codebook here.
