FireEye's biggest weakness was the isolation of its product. Although technically well received, customers were forced to integrate it with products from other companies for a complete security stance. This left FireEye isolated in a relatively small market, and primarily competing with well-established anti-virus companies (many of whom have already expanded their lines into the wider security market).
There are two primary vehicles for FireEye's expansion. The first is to provide a single source for customers to secure their systems; and this is the role of Mandiant which extends FireEye's security from the network to the endpoint. "With Mandiant’s boots on the ground expertise and visibility into the endpoint," wrote Manish Gupta, SVP products yesterday, "FireEye’s Security Platform is enhanced to offer our customers a more complete view of activity on their network. Key to the new platform are Mandiant’s endpoint security products and managed services."
An unspoken additional benefit that Mandiant brings, with its undoubted forensics capabilities, is a close working relationship with the governments of both the US and UK.
The second vehicle in this expansion is the MVX-IPS product. To put this in context, Reuters notes, "The intrusion prevention systems (IPS) market totaled nearly $1.9 billion in 2012, according to market research firm IDC. That is nearly 10 times the size of the market for specialized threat analysis and protection technology, for which FireEye is best known."
The company is hoping that the same technological approach that differentiated its product from traditional anti-malware products will similarly differentiate it from existing IPS products. "While intrusion detection technology has held the promise of advanced threat detection for some time, it has generally failed to deliver by remaining too reliant on a signature-based approach," explained John Grady, a research manager at IDC.
Gupta added that “Current IPS products are failing to keep pace with the modern threat environment because they rely on the outdated signature-based model of protection, produce distracting false positives and lack actionable threat intelligence." The new MVX-IPS product is not based on signature detection but on threat validation, meaning, he added, "organizations can consolidate threat defenses, receive timely, validated threat notifications and actionable insights that allow security teams to focus on quickly getting to remediation. We believe this new approach to IPS will save organizations time and expense, and reduce their exposure windows.”
FireEye's potential in the market remains undoubted. Even before this announcement, its stock valuation rose by almost 9% on news that revenue had increased. Nevertheless, it has still never returned a profit – but moving from a small pond with many competitors to a large pond with fewer, albeit larger, competitors, gives FireEye greater scope for future profit.