Today, FireEye, a security and intrusion detection company, bought nPulse Technologies to beef up its security platform by giving customers easier insight into the nature of a network intrusion.
According to FireEye, they will pay approximately $60 million in cash, and issue around $10 million in stock consideration that is subject to the achievement of certain milestones. They did not elaborate on those milestones in response to our query.
Prior to buying nPulse, it had been a partner of FireEye’s, according to Dave Merkel, CTO at FireEye, and having that prior relationship certainly helped lay the groundwork for the deal, and should help when it comes to folding it into FireEye’s security platform.
FireEye helps companies detect intrusions on a company network, while nPulse builds on this by providing a way to track the intrusion and understand what happened while the intruder was traipsing around inside the network.
nPulse CEO, Tim Sullivan explained that his company can process network packet data very quickly, then index it and provide a way to query the information to see very clearly what happened during the intrusion. The alternative would be an excruciating forensics process involving information like firewall and system logs, which may or may not yield the information you’re looking for after an intrusion –and would certainly involve significant work hours to track down answers.
With nPulse, users can query against the data that nPulse has collected, much in the same way you would search against an index of content to find documents that match your query criteria.
The nPulse purchase comes on the heels of another purchase, Mandiant, which FireEye bought for around $1B in January. Mandiant provides insight into what’s happening as the intrusion is going on.
When you put all three pieces together, says Merkel, you have a platform that gives you complete coverage from detection to activity to historical review of what happened. Merkel said that the addition of nPulse filled a hole in the product line that previously had to be provided by third party products.
“If you don’t have a solution like this and the ability to deploy it on the network, then you don’t have visibility and you are left to trying to infer answers to those questions [about what happened],” Merkel explained.
With all three pieces in place, you can see a potential exploit on network using FireEye, while Mandiant gives you insight to exploit of the host and nPulse gives you the after action report, creating a fairly comprehensive set of network security tools.
FireEye launched in 2004, raising over $800M before going public in September, 2013.
PHOTO CREDIT: (c) Can Stock Photo