FireEye ‘Fire Sale’, Panaseer Security Guidance, & Infoblox 3.0 – ESW #230

IPO stuffed, ExtraHop instead ops for a 9x exit to PE firms. 9x for what looked like a healthy business 2 years ago? What happened?? Finance analysts seem baffled and without an S-1, we may never know.

Described by many as a firesale, the price is barely higher than what FireEye paid for Mandiant 7 years ago! Not a good sign. The multiple here was 1.64x - a far cry from the more typical 10-20x we see software vendors selling for. While some great research came out of FireEye over the years and the Mandiant business has always seemed to thrive, I'm not sure FireEye ever really built a product anyone really wanted or needed. Bit of a rant from me on them: https://twitter.com/sawaba/status/1400207552139431936 What's really crazy though is who bought them - STG has also recently acquired RSA and McAfee.

There have always been consulting firms that build tools and even spin-off product companies, but it seems a more common trend these days. Where software cybersecurity companies can bring in a bigger multiple, they're more of a risk. Services traditionally bring in a much lower multiple, but their revenue is more predictable, as the services product changes very slowly and demand is fairly constant. Bishop Fox raised a Series A from ForgePoint to build a managed subscription service. Coalfire was acquired by private equity and appears to be going for something similar with Denim Group and Threadfix. The FireEye product portfolio was just offloaded for less than 2x, leaving Mandiant behind, which was originally purchased for around 10x back in 2014! It's an interesting trend that flips the funding/returns script somewhat.

It literally took me 10 minutes of Googling to realize that [redacted] was the company's actual name. I guess someone is getting a chuckle out of how clever they are, but I just found it irritating

SURE, WHY NOT???

"Available now, Proofpoint’s Information Protection and Cloud Security platform is the cloud native solution that combines enterprise data loss prevention (DLP), insider threat management, cloud app security broker (CASB), zero trust network access, remote browser isolation, and a cloud native web security solution."

"I follow the SD-WAN and SASE industries fairly closely but never really considered Citrix a major vendor in the space. Recently, the company updated me on their offerings, and I finished the meeting with a positive outlook on their products. SIA is a very robust, cloud-delivered security solution that gives work from home employees the same level of security as they would have in the office."

"The company is uniting NIOS, an on-premises DDI solution, with its cloud-native BloxOne Threat Defense and BloxOne DDI platforms to help customers bridge core networking and security into cloud environments that underpin the needs of the modern enterprise."

"CyberArk Dynamic Privileged Access: Drastically reduces risk of standing access by provisioning just-in-time access to hybrid and cloud workloads, starting with Windows and Linux Virtual Machines. Dynamic Privileged Access also includes full audit capabilities, providing insight into exactly who accessed what and when. Only CyberArk secures both standing and dynamic access across hybrid and multi-cloud environments while enforcing least privilege controls. CyberArk Secure Web Sessions: Adds additional layers of security to high-risk browser-based applications access via continuous monitoring, re-authentication enforcement and isolation of malicious processes originating on user devices. Secure Web Sessions enables enterprises to record and audit risky user behavior within any web application while maintaining a frictionless user experience. CyberArk Lifecycle Management for Privileged Users: An expansion of existing capabilities, customers can now further expedite employee onboarding, including those with privileged access, and meet audit and compliance mandates more efficiently. Lifecycle Management for Privileged Users integrates with existing solutions or can work with HR-driven identity management solutions, providing further flexibility to enterprises."

"ThycoticCentrify announced enhancements to its industry-leading solution for service account governance, Thycotic Account Lifecycle Manager. The latest version enables IT teams to govern cloud-based service accounts with direct integrations to external vaults such as AWS and Azure, and service accounts used within the DevOps environment."

"Panaseer’s CCM platform includes these and hundreds of other best practice security metrics via its new in-platform Security Metrics Catalogue. In addition to Panaseer’s expertise, the Security Metrics Catalogue has been curated from a wide community of customers, industry experts, and framework organisations such as NIST and in collaboration with the Center for Internet Security (CIS). The proposition also provides recommendations to enable security teams to instantly improve their security metrics programme overall via metric groupings that include a ‘getting started’ collection, a peer-based recommendation collection, a customer favourites collection, and access to newly emerging metric suggestions."