Despite its stock sinking to an all time low. Milpitas, CA-based FireEye acquired iSight Partners for $200m a few weeks ago.
iSight is somewhat complementary to Mandiant. But still left me with the feeling that the deal had a “hail Mary” feel to it.
FireEye didn’t stop to breath as it announced its acquisition of Invotas.
Invotas was a spin off from CSG international and was formally launched in February 2014.
Its product is an orchestration platform for SOCs, designed to integrate with most SIEM’s and networking monitoring tools. It allows analysts to bring up options within the SIEM itself to take actions. This is intended to save analyst time by performing backgound searches automatically and bringing relevant information to the fore.
In essence, at its core, security orchestrator is a cyber playbook. Capturing security-analyst workflows and deconstructing into a sequence of tasks, assigning roles and approval processes. Teams can then specify which tasks are should be automated and which will need analyst approval.
Incident response can be challenging. A lot of these challenges don’t come from the technology side. Rather, these come from a business and process level. For that Invotas makes a logical fit into FireEye’s core offerings and can help its customers better-manage incidents.
Much like the rationale behind ProofPoint’s acquisition of NetCitadel, FireEye can help reduce the time from incident alert to resolution.
The reduction in time from incident alert to resolution is the holy grail for many companies. In that regard, its somewhat surprising other companies didn’t move in to acquire Invotas sooner.
As many companies have found through history. Acquiring a technology is the easy part – integrating it in a timely and practical manner is quite another matter altogether.
Hexis Cyber Solutions, a spin off from KEYW, is probably the closest direct independent competitor to Invotas. It would make a good acquisition for any FireEye competitor wanting to match features.
But incident response as a whole is a crowded competitive space. FireEye will need to contend with Forensics vendors, SIEM providers as well as orchestration and change management vendors moving in the same space.
As a public company though, FireEye may be less worried about competitors. Its stock price was at a high just under a year ago at 54.23 and today lingers at 13.93. That may be too big a gap to buy its way out of.