BrandWikiReturn

Mandiant

Mandiant, Inc. is an American cybersecurity firm and a subsidiary of Google. The company published a report in February 2013 that implicated China in cyber espionage. In December 2013, FireEye acquired Mandiant for $1 billion. FireEye later sold its product line, name, and employees to Symphony Technology Group for $1.2 billion in June 2021. In March 2022, Google announced it would acquire Mandiant for $5.4billion. The firm was fully incorporated into the Google Cloud division in September 2022.[2]

Founding

Kevin Mandia, a former United States Air Force officer who serves as the company's chief executive officer, founded Mandiant as Red Cliff Consulting in 2004 before rebranding to its current name in 2006.[3][4] In 2011, Mandiant received funding from Kleiner Perkins Caufield & Byers and One Equity Partners to expand its staff and grow its business-to-business operations, providing incident response and general security consulting along with incident management products to major global organizations, governments, and Fortune 100 companies.[5]

History

Mandiant is the creator of OpenIOC (Open Indicators of Compromise), an extensible XML schema for the description of technical characteristics that identify threats, security hackers' methodologies, and evidence of compromise. In 2012, its revenues were over $100 million, up 76% from 2011.[6]

In February 2013, Mandiant released a report documenting evidence of cyber attacks by the People's Liberation Army,[7] specifically Pudong-based PLA Unit 61398,[8] targeting at least 141 organizations in the United States and other English-speaking countries extending as far back as 2006.[9] In the report, Mandiant referred to the espionage unit as "APT1".[10]

In December 2013, Mandiant was acquired by FireEye for $1 billion.[11][12] In October 2020, the company announced Mandiant Advantage, a subscription-based SaaS platform designed to augment and automate security response teams which combined the threat intelligence gathered by Mandiant and data from cyber incident response engagements;[13] in December, the company investigated a major supply chain attack through SolarWinds software in U.S. government infrastructure.[14][15][16]

In May 2021, Mandiant was contracted to assist in the response to a ransomware incident impacting Colonial Pipeline, a fuel pipeline operator that supplies close to half of the gasoline, diesel, and other fuels to the East Coast of the U.S.[17][18] In June, the company was spun off FireEye as part of the latter's acquisition by Symphony Technology Group.[19][20] In August, the company acquired Intrigue, which specialized in surface management.[21]

In 2022, Axios reported that Mandiant reporters identified a pro-China disinformation campaign targeting American voters ahead of the 2022 midterm elections.[22]

On May 4, 2023, Mandiant announced its integration for MISP, Splunk SIEM and SOAR.[23]

In March 2024, Mandiant assisted with the investigation of the Snowflake data breach, where Snowflake’s customers were targeted in a massive data theft and extortion campaign. Targeted customers included Ticketmaster, Advance Auto Parts, Santander Bank, Neiman Marcus, LendingTree, AT&T, Pure Storage, and Bausch Health.[24][25]

Acquisition by Google

In March 2022, it was announced that the company would be acquired by Google for $5.4 billion and subsequently integrated into the Google Cloud division.[26][27] Following the announcement, Fortune reported that while the deal could face antitrust scrutiny, the acquisition "could help increase competition" rather than harm it.[28]

In April 2022, it was reported that the Department of Justice (DOJ) Antitrust Division was probing the deal for potential violations of federal antitrust law.[29] However, Mandiant revealed in July 2022 that the DOJ granted the acquisition approval.[30] Following a review over potential competition concerns, the Australian Competition & Consumer Commission (ACCC) announced it would not oppose the deal.[31]

On September 12, 2022, the deal closed and integration between Mandiant and Google Cloud began. Following the acquisition, Mandiant was allowed to maintain its brand as a subsidiary of Google Cloud.[32][33]

Flare-On

Since 2014, every year around autumn the company organises a well-known cybersecurity reverse engineering challenge called Flare-On, with participants from around the world.[34]

External links

References

  1. Mandiant Inc 2021 Annual Report (Form 10-K) U.S. Securities and Exchange Commission, March 1, 2022^
  2. Google Completes $5.4 Billion Acquisition of Mandiant www.channelfutures.com, retrieved 2025-01-17^
  3. MANDIANT, A New Name for a Fast Growing Company; Red Cliff Consulting LLC Rebrands as Firm Offers Expanded Services, Education and Software Tools Business Wire, February 14, 2006, retrieved January 5, 2016^
  4. Kyle Alspach. Kevin Mandia Stepping Down As CEO At Google-Owned Mandiant www.crn.com, retrieved 2025-01-17^
  5. Steven Overly. Mandiant in the spotlight as cyber attacks on companies increase The Washington Post, February 17, 2013^
  6. Brad Stone and Michael Riley. Mandiant, the Go-To Security Firm for Cyber-Espionage Attacks Bloomberg Business, February 7, 2013, retrieved January 5, 2016^
  7. Paul Harris. Chinese army hackers are the tip of the cyberwarfare iceberg The Guardian, February 23, 2013^
  8. Weiwei Xu. China denies hacking claims Morning Whistle, February 20, 2013, retrieved January 5, 2016^
  9. David E. Sanger, David Barboza, Nicole Perlroth. Chinese Army Unit Is Seen as Tied to Hacking Against U.S. The New York Times, February 18, 2013, retrieved January 5, 2016^
  10. Ellen Wan, Nakashima. Report ties cyberattacks on U.S. computers to Chinese military The Washington Post, February 19, 2013, retrieved January 5, 2016^
  11. Nicole Perlroth, David Sanger. FireEye Computer Security Firm Acquires Mandiant The New York Times, January 2, 2014, retrieved September 18, 2018^
  12. FireEye acquires Mandiant in $1bn deal BBC News, January 3, 2014^
  13. Charlie Osborne. FireEye's Mandiant debuts new SaaS threat intelligence suite ZDNet, October 6, 2020, retrieved October 7, 2020^
  14. Dustin Volz. U.S. Agencies Hacked in Foreign Cyber Espionage Campaign Linked to Russia The Wall Street Journal, December 13, 2020^
  15. William Turton, Kartikay Mehrotra. FireEye Discovered SolarWinds Breach While Probing Own Hack Bloomberg News, December 14, 2020^
  16. Jenna McLaughlin. The state of U.S. cybersecurity a year after the SolarWinds hack NPR, December 13, 2021^
  17. William Turton, Kartikay Mehrotra. Hackers Breached Colonial Pipeline Using Compromised Password Bloomberg Business, June 4, 2021, retrieved June 5, 2021^
  18. Ellen Nakashima, Yeganeh Torbati, Will Englund. Ransomware attack leads to shutdown of major U.S. pipeline system The Washington Post, May 8, 2021, retrieved May 12, 2021^
  19. MacKenzie Sigalos. FireEye is selling its products business and name for $1.2 billion CNBC, June 2, 2021^
  20. Chris Duckett. McAfee Enterprise and FireEye are now called Trellix ZDNet, January 18, 2022, retrieved February 8, 2022^
  21. Kyle Alspach. Mandiant's Advantage Platform To Get A Boost With Intrigue Acquisition CRN, August 10, 2021^
  22. Sam Sabin. Researchers uncover new pro-China disinformation campaign targeting U.S. voters Axios, 2022-10-26, retrieved 2022-10-28^
  23. New Mandiant Threat Intelligence Integrations for MISP, Splunk SIEM and SOAR, and Cortex XSOAR by Palo Alto Networks Mandiant, retrieved 2023-05-09^
  24. Alleged Snowflake hacker consents to extradition from Canada after US charges therecord.media, retrieved 2025-12-04^
  25. Kyle Alspach. Snowflake Customers Hit With ‘Significant’ Data Theft In Attacks: Mandiant www.crn.com, retrieved 2025-12-04^
  26. Sam Shead. Google to acquire cybersecurity firm Mandiant for $5.4 billion CNBC, March 8, 2022, retrieved March 8, 2022^
  27. Adam Satariano. Google is buying Mandiant, a cybersecurity firm, for $5.4 billion. The New York Times, 2022-03-08, retrieved 2026-04-10^
  28. Can antitrust regulators justify killing a Google-Mandiant deal? Fortune, retrieved 2022-10-28^
  29. Jeff Burt. US DOJ probes Google's $5.4b Mandiant acquisition www.theregister.com, retrieved 2022-10-28^
  30. Jay Fitzgerald. Google-Mandiant Deal Closer After DOJ Ends Antitrust Inquiry CRN, 2022-07-18, retrieved 2022-10-28^
  31. Google's acquisition of Mandiant not opposed The Bull, 2022-08-11, retrieved 2022-10-28^
  32. Corin Faife. Google now owns the firm that found SolarWinds hack The Verge, September 12, 2022, retrieved September 12, 2022^
  33. Paul Sawers. Google closes $5.4B Mandiant acquisition TechCrunch, 2022-09-12, retrieved 2022-09-13^
  34. Announcing the 10th Annual Flare-On Challenge Google Cloud Blog, retrieved 2025-01-17^