FireEye to grow intelligence capabilities with iSight Partners deal

FireEye has acquired Texas-based iSight Partners for $200 million, a deal that executives say will give FireEye stronger intelligence on cybercriminal and hacking groups before they strike.

The transaction, announced Wednesday, closed on Jan. 14.

FireEye started with an end-point protection product aimed at filtering out malware before it entered a company’s network. But the company has sought to expand its range of services through acquisitions as cybersecurity has become an ever-increasing concern — and a more lucrative business.

In early 2014, it bought Mandiant, a computer security company that specializes in investigating cyberattacks. The victims of some of the largest data breaches in memory, including Target, have retained Mandiant’s services.

Intelligence capabilities made iSight attractive, said Travis Reese, president of FireEye’s Mandiant subsidiary. While FireEye and Mandiant study how attacks affect victims, iSight collects intelligence about the attackers.

iSight has 350 employees, of which about 250 are threat-intelligence experts, spread across 17 countries. The company has published in-depth threat reports on cybercriminal and hacking groups, which are available to its subscribers.

Its analysts study what groups are creating hacking tools, where they sell and trade tools, the infrastructure they use, how they perform reconnaissance and where stolen data is transferred.

John Watters, iSight’s founder and CEO, said the goal is to studying hacking groups and integrate that information into FireEye’s systems, which use machine learning.

“When you’re able to take our intelligence and drive that into their detection platforms, you’re going to be able to protect against things you would have not otherwise seen,” he said.

FireEye also sees potential to develop tailored product lines using iSight’s intelligence. FireEye’s systems see specific technical attack data on a customer’s system, but they do not necessarily know the group behind it, which iSight can help with.

“When you know of all the campaigns targeting South American banks, you can have a South American banking product line,” Watters said.

New product offerings for OEM partners may emerge in the next three to six months, Watters said. However, the companies are focused less on new standalone products and more on using iSight’s intelligence in existing services, Watters said.

iSight has 100 customers and serves 250 government agencies, most of which are in the U.S. as part of a large federal government contract iSight has had since 2010.

Some foreign government agencies also subscribe to iSight to augment their own capabilities, Watters said.

The acquisition also includes a $75 million cash-and-equity incentive for iSight shareholders if the companies hit combined billing targets for intelligence products, Watters said.