Mandiant Deal Not Disrupting Partners, Says FireEye Channel Chief

FireEye's $1 billion acquisition of endpoint security and incident response services firm Mandiant is having no serious impact on the ability of the company's partners to deliver services, said FireEye Channel Chief Steve Pataky.

In an interview with CRN, Pataky, vice president of FireEye's worldwide channels and alliances, said the company will remain first and foremost a product company. He added that FireEye has received a lot of questions from partners about how the addition of Mandiant could impact their business.

’Mandiant is important to us from product point of view and incident response point of view because it is imperative for us to be as close to the breach as possible,’ Pataky said. ’What we affirmed with this was that we are going to enable their partner services practices to perform up to their level of capability.’

[Related: Missed FireEye Alerts Reportedly Warned Of Security Lapse At Target ]

Sponsored post

Milpitas, Calif.-based FireEye acquired Mandiant in December, mainly for its incident response and digital forensics services, say industry analysts. Its consulting services team can deploy quickly at a client site to identify and analyze a serious system compromise. The firm gained widespread attention in 2013 for its APT-1 report, which outlined serious system compromises at hundreds of organizations, believed to be carried out by a group that is closely connected to the Chinese government.

FireEye remains committed to the channel, Pataky said. The channel sales team will reach up to 100 personnel in 2014. FireEye field sales reps are identifying key regional partners and large systems integrators that can get certified and provide support and services.

Two new certifications will help address partner concerns and help FireEye determine a partner’s incident response capabilities, Pataky said. The FireEye Certified Support Partner enables solution providers to offer their own branded support to the market, backed up by FireEye. Meanwhile, the FireEye Certified Services Partner is for partners with the capabilities to carry out a full incident response services practice, endorsed by FireEye.

The two programs will be officially unveiled in the second half of the year, Pataky said.

’Yes, Mandiant has a strong reputation in incident response and in services, and since many of our partners don’t have that in their portfolio, it became an incremental opportunity for us to pursue,’ Pataky said.

NEXT: Partners See More Competition

A FireEye partner, who wished to remain anonymous, said sales of the FireEye appliance have slowed for his firm as more competing products are brought to market and gained attention. The services capabilities are an additional revenue generator for partners who have the skilled staff to support incident response, he said.

"[Businesses] are looking for lower priced options to address advanced threats or APTs," he said. "How they handle incident response isn't even on their radar yet."

Many partners have praised the Mandiant deal as a way to differentiate itself against Palo Alto Networks, Sourcefire (which Cisco recently acquired), and McAfee (with its acquisition of Stonesoft), which all use similar technology. FireEye CEO Dave DeWalt unveiled a new intrusion prevention system in February. The move extends its virtualized sandbox technology to analyze suspicious files for malicious behavior though an IPS appliance that sits directly behind a firewall for an additional layer of protection and increased visibility. The FireEye platform is responsible for detecting 11 zero-day vulnerabilities in 2013, more than any other security vendor. The firm has uncovered four zero-day threats in 2014. Zero-day attacks exploit a previously unknown software vulnerability and are associated with advanced persistent threats.

In a recent interview Dan Thormodsgaard, vice president of solutions architecture at FishNet Security, praised the Mandiant deal as a way for the company to grow revenue and build a broader platform. "A standalone solution wouldn't hold up against broader platforms," Thormodsgaard said.

The company is also bolstering its marketing efforts to reach smaller enterprises and businesses that are higher risk for a targeted attack using custom malware, Pataky said. FireEye and other security vendors have seen evidence that advanced threats carried out by nation states are targeting smaller firms in the partner supply chain. The attackers use data and insight from system compromises to work their way up to their ultimate target.

The whole SMB sales team is focused on driving awareness and demand on the Sub-Fortune 2000 category, Pataky said. New marketing campaigns this year will try to raise awareness that smaller firms are not immune to the threat.

To capture a larger share of small and midsize businesses, FireEye signed a deal with Westcon to set up two-tiered distribution strategy for the first time in North America, Pataky said. The distributor will be used to recruit new partners, and provide marketing and training assistance.

In addition, Pataky said he worked with the company’s newly created partner advisory council to role out new partner program changes in 2014. Infrastructure improvements have sped up the routing for the deal registration process, boosting its use, according to FireEye. Pataky also said the company is seeing a rise in partner registrations, with a 38 percent quarterly increase in the first quarter of 2014.

The company provides a stackable discount at the front end as part of the partner reward system and is adding target-based performance incentives for partners, setting a goal for all top tier partners associated with their business plan. A new business development fund has been created for the first time, freeing up funds for co-marketing and enablement activities, Pataky said.