Mandiant, Inc. is an American

cybersecurity Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and networks from thr ...

firm and a subsidiary of

Google Google LLC (, ) is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial ...

. Mandiant received attention in February 2013 when it released a report directly implicating

China China, officially the People's Republic of China (PRC), is a country in East Asia. With population of China, a population exceeding 1.4 billion, it is the list of countries by population (United Nations), second-most populous country after ...

in cyber espionage. In December 2013, Mandiant was acquired by

FireEye Trellix (formerly FireEye and McAfee Enterprise) is a privately held cybersecurity company that was founded in 2022. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and ana ...

for $1 billion, who eventually sold the FireEye product line, name, and its employees to

Symphony Technology Group STG Partners, LLC (STG) is an American private equity firm and based in Menlo Park, California. Its predecessor, Symphony Technology Group ("Symphony") was founded in 2002Dorbian, Iris (July 1, 2024) STG Rising: Hailing the Newcomer on the 100. ...

for $1.2 billion in June 2021. In March 2022, Google announced that it would acquire the company for $5.4billion and integrate it into its Google Cloud division, with the firm becoming fully incorporated in September 2022.

Founding

Kevin Mandia, a former

United States Air Force The United States Air Force (USAF) is the Air force, air service branch of the United States Department of Defense. It is one of the six United States Armed Forces and one of the eight uniformed services of the United States. Tracing its ori ...

officer who serves as the company's

chief executive officer A chief executive officer (CEO), also known as a chief executive or managing director, is the top-ranking corporate officer charged with the management of an organization, usually a company or a nonprofit organization. CEOs find roles in variou ...

, founded Mandiant as Red Cliff Consulting in 2004 before

rebranding Rebranding is a marketing strategy in which a new name, term, symbol, design, concept or combination thereof is created for an established brand with the intention of developing a new, differentiated identity in the minds of consumers, investors ...

to its current name in 2006. In 2011, Mandiant received funding from

Kleiner Perkins Caufield & Byers Kleiner Perkins, formerly Kleiner Perkins Caufield & Byers (KPCB), is an American venture capital firm which specializes in investing in incubation, early stage and growth companies. Since its founding in 1972, the firm has backed entrepreneur ...

and

One Equity Partners One Equity Partners is a private equity firm with over $10 billion in assets under management which primarily deals with the industrial, healthcare and technology sectors in North America and Europe. One Equity Partners was the merchant banking ...

to expand its staff and grow its

business-to-business Business-to-business (B2B or, in some countries, BtoB) refers to trade and commercial activity where a business sees other businesses as its customer base. This typically occurs when: * A business sources materials for its production process for ...

operations, providing incident response and general security consulting along with incident management products to major global organizations, governments, and

Fortune 100 The ''Fortune'' 500 is an annual list compiled and published by ''Fortune'' magazine that ranks 500 of the largest United States corporations by total revenue for their respective fiscal years. The list includes publicly held companies, along w ...

companies.

History

Mandiant is the creator of OpenIOC (Open

Indicators of Compromise Indicator of compromise (IoC) in computer forensics is an artifact observed on a computer network, network or in an operating system that, with high confidence, indicates a computer intrusion. Types of indication Typical IoCs are virus signature ...

), an extensible

XML schema An XML schema is a description of a type of XML document, typically expressed in terms of constraints on the structure and content of documents of that type, above and beyond the basic syntactical constraints imposed by XML itself. These constrai ...

for the description of technical characteristics that identify threats, security hackers' methodologies, and evidence of compromise. In 2012, its revenues were over $100 million, up 76% from 2011. In February 2013, Mandiant released a report documenting evidence of cyber attacks by the

People's Liberation Army The People's Liberation Army (PLA) is the military of the Chinese Communist Party (CCP) and the People's Republic of China (PRC). It consists of four Military branch, services—People's Liberation Army Ground Force, Ground Force, People's ...

, specifically

Pudong Pudong is a list of administrative divisions of Shanghai, district of Shanghai located east of the Huangpu River, Huangpu, the river which flows through central Shanghai. The name ''Pudong'' was originally applied to the Huangpu's east bank (g ...

-based

PLA Unit 61398 PLA Unit 61398 (also known as APT1, Comment Crew, Comment Panda, GIF89a, or Byzantine Candor; , Pinyin: 61398 ''bùduì'') is the military unit cover designator (MUCD) of a People's Liberation Army advanced persistent threat unit that has been a ...

, targeting at least 141 organizations in the

United States The United States of America (USA), also known as the United States (U.S.) or America, is a country primarily located in North America. It is a federal republic of 50 U.S. state, states and a federal capital district, Washington, D.C. The 48 ...

and other

English-speaking countries The English-speaking world comprises the 88 countries and territories in which English is an official, administrative, or cultural language. In the early 2000s, between one and two billion people spoke English, making it the largest language ...

extending as far back as 2006. In the report, Mandiant referred to the espionage unit as "APT1". In December 2013, Mandiant was acquired by

for $1 billion. In October 2020, the company announced Mandiant Advantage, a subscription-based

SaaS Software as a service (SaaS ) is a cloud computing service model where the provider offers use of application software to a client and manages all needed physical and software resources. SaaS is usually accessed via a web application. Unlike oth ...

platform designed to augment and automate security response teams which combined the threat intelligence gathered by Mandiant and data from cyber incident response engagements; in December, the company investigated a major

supply chain attack A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less secure elements in the supply chain. A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector. ...

through SolarWinds software in U.S. government infrastructure. In May 2021, Mandiant was contracted to assist in the response to a ransomware incident impacting Colonial Pipeline, a fuel pipeline operator that supplies close to half of the gasoline, diesel, and other fuels to the East Coast of the U.S. In June, the company was spun off FireEye as part of the latter's acquisition by

. In August, the company acquired Intrigue, which specialized in surface management. In 2022, ''Axios'' reported that Mandiant reporters identified a pro-

disinformation campaign targeting American voters ahead of the 2022 midterm elections. On May 4, 2023, Mandiant announced its integration for MISP, Splunk SIEM and SOAR.

Acquisition by Google

In March 2022, it was announced that the company would be acquired by

for $5.4 billion and subsequently integrated into the Google Cloud division. Following the announcement, ''Fortune'' reported that while the deal could face antitrust scrutiny, the acquisition "could help increase competition" rather than harm it. In April 2022, it was reported that the Department of Justice (DOJ) Antitrust Division was probing the deal for potential violations of federal antitrust law. However, Mandiant revealed in July 2022 that the DOJ granted the acquisition approval. Following a review over potential competition concerns, the

Australian Competition & Consumer Commission The Australian Competition and Consumer Commission (ACCC) is the chief competition regulator of the Government of Australia, located within the Department of the Treasury. It was established in 1995 with the amalgamation of the Australian Tra ...

(ACCC) announced it would not oppose the deal. On September 12, 2022, the deal closed and integration between Mandiant and Google Cloud began. Following the acquisition, Mandiant was allowed to maintain its brand as a subsidiary of Google Cloud.

Flare-On

Since 2014, every year around autumn the company organizes a well-known cybersecurity reverse engineering challenge called Flare-On, with participants from around the world.

References

External links

*
Flare-On challenge website
{{Authority control 2004 establishments in Virginia 2022 mergers and acquisitions American companies established in 2004 Companies based in Alexandria, Virginia Companies formerly listed on the Nasdaq Computer security companies Google acquisitions Google Cloud Software companies based in Virginia Software companies established in 2004