Microsoft Eyes Mandiant Buy In Threat Intelligence Megadeal: Report

‘We run this company like it’s ours forever, and that’s what we’re going to do,’ Mandiant CEO Kevin Mandia told CRN Tuesday while declining to comment on the Microsoft acquisition report.

Microsoft is examining an acquisition of threat intelligence powerhouse Mandiant to bolster its products and help protect customers from hacks and breaches, Bloomberg reported Tuesday.

The Redmond, Wash.-based software giant’s pursuit of Mandiant comes just four months after the Reston, Va.-based company sold its network, endpoint, and email security product business to Symphony Technology Group (STG) for $1.2 billion. Mandiant’s stock has skyrocketed $3.08 (20.48 percent) to $18.14 per share, which is the highest the company’s stock has traded since Nov. 16.

“We run this company like it’s ours forever, and that’s what we’re going to do,” Mandiant CEO Kevin Mandia told CRN while declining to comment on the Microsoft acquisition report. Microsoft also declined to comment on the acquisition report, and the company’s stock is up $2.98 (0.99 percent) to $303.94 in trading Tuesday afternoon.

Bloomberg cautioned that a deal between Microsoft and Mandiant isn’t finalized. Mandiant is currently valued at $4.27 billion, which is a fraction of the $68.7 billion Microsoft agreed to pay last month to acquire video game maker Activision.

Mandiant inked its first significant non-FireEye vendor partnership with Microsoft in April 2021 and saw immediate results. In the second quarter of 2021, a quarter of Mandiant’s new managed detection and response (MDR) customers were using Mandiant Managed Defense alongside Microsoft’s Windows Defender endpoint security product.

“Decoupling Mandiant expertise from FireEye products was one of the key purposes behind the strategy of divestiture, and we are seeing with Windows Defender our first big technical partnership,” Mandia told investors in August. The company on Tuesday announced a second endpoint security-focused partnership with SentinelOne.

Half of the competitive losses Mandiant experienced with its Managed Defense product were because customers wanted to use an endpoint security product that wasn’t FireEye’s, CFO Frank Verdecanna told CRN. Being able to offer Mandiant’s management subscription to Microsoft Defender customers without forcing them to deploy new technology has opened Managed Defense up to a broader market.

Since partnering with Microsoft, Defender customers have been able to take advantage of the expertise and intelligence Mandiant has without having to deploy FireEye products, Verdecanna said. In fact, a few customers were planning to drop Managed Defense since they wanted to use a different endpoint security product but ended up sticking around once they learned Mandiant now supports Defender.

“We continue to do a lot of different things with Microsoft them both on the management side but also on the IR [incident response] side and other partnership-related items,” Verdecanna said.