In the latest sign of the burgeoning security automation market, threat intelligence giant FireEye announced it has purchased Respond Software, a Mountain View, California startup that sells machine learning and automated, cloud-based investigation, detection and response services.
Respond Software’s Extended Detection and Response (XDR) software will augment Mandiant Advantage, FireEye’s own subscription-based, SaaS security automation platform. In a Nov. 19 blog, Phil Montgomery, senior vice president for solution and product marketing at FireEye, said acquisition was designed to address the widespread shortage of human security personnel required to monitor and respond to the vast number of cybersecurity alerts their companies are receiving every day.
“Today, the security skills gap is most pronounced on the front lines — especially the monitoring and triage of security-related events and alerts. Security analysts are asked to review a mountain of alerts and data from a diverse variety of security controls — from a host of different vendors — all day, every day,” wrote Montgomery. “To address this, most security programs are forced to add more security analysts to perform the real-time monitoring of largely siloed alerts, and make judgment calls on whether to act. Alert monitoring is limited, error-prone, costly, and ultimately untenable as humans can’t scale to the increasing volume of attacks.”
It appears FireEye’s interest is in using XDR for the early stage investigation and triage activities, leveraging the software’s machine learning algorithm to quickly combine and correlate threat data from disparate third-party vendor sources.
It’s yet another indicator that the market for security automation is continuing to gain steam. As SC Media reported earlier this week, the hunger many industries have to hand off more of their security and threat hunting work to algorithms is being offset by an increasingly complex landscape of internal and third party threat feeds, differing data standards and a general lack of cybersecurity maturity within many organizations.
That’s what makes the potential impact of combining Respond Software’s XDR and Mandiant Advantage across FireEye’s substantial customer base so intriguing. It can eliminate the need for much of the documentation, refinement and polishing required for many organizations to set up their own security automation in-house, or at least outsources much of that work to FireEye.
And it could be a sign of further things to come. The same day the acquisition was made public, FireEye announced it had received $400 million in new investment from Blackstone Tactical Opportunities and ClearSky. The money is supposed to “support strategic growth initiatives” like the Respond Software purchase. According to FireEye, the investment will come in the form of a newly designated 4.5 percent Series A convertible preferred stock of the company, with a purchase price of $1,000 per share. That in turn can be converted into common FireEye stock at $18 a share. Viral Patel, senior managing director at Blackstone, will also join FireEye’s board of directors as part of the deal.