FireEye today announced the acquisition of Verodin, the leader in validating the effectiveness of cyber security controls. The transaction closed today and is valued at approximately $250 million in cash and stock, net of acquired net cash and excluding assumed unvested options, based on the closing price of FireEye’s common stock on May 24, 2019. The combination is expected to be accretive to revenue, cash flow from operations and non-GAAP operating income in 2020, and add approximately $20 million to billings in 2019 and more than $70 million to billings in 2020.
The Verodin Security Instrumentation Platform adds significant new capabilities to the FireEye portfolio by identifying gaps in security effectiveness due to equipment misconfiguration, changes in the IT environment, evolving attacker tactics, and more. Equipped with FireEye frontline intelligence, the Verodin platform will measure and test security environments against both known and newly discovered threats, empowering organizations to identify risks in their security controls before a breach occurs, and rapidly adapt their defenses to the evolving threat landscape.
“Security effort does not equal security effectiveness. That is why security-conscious customers red-team their networks – they need the unvarnished truth of how effective their security programs are. Verodin gives us the ability to automate security effectiveness testing using the sophisticated attacks we spend hundreds of thousands of hours responding to, and provides a systematic, quantifiable, and continuous approach to security program validation,” said Kevin Mandia, chief executive officer at FireEye. “We believe there is no better way to train people and instrument better security than by continually attacking the environment and adapting security controls to the real threats. Finally, organizations will have a reliable and consistent way to quantify cyber risk in a manner understandable to frontline technicians and in the Board room.”
“Cyber security today is based on assumptions – that technologies work as vendors claim, products are deployed and configured correctly, processes are fully effective, and changes to the environment are properly understood, communicated and implemented. However, the reality is much different for almost every organization and often they discover this only after being on the wrong side of a breach,” said Chris Key, Verodin co-founder and chief executive officer prior to the acquisition. “By joining FireEye, Verodin extends its ability to help customers take a proactive approach to understanding and mitigating the unique risks, inefficiencies and vulnerabilities in their environments.”
The Verodin platform complements existing cyber security products and technology-enabled services. Verodin will integrate with FireEye Helix security orchestration capabilities to help customers prioritize and automate continuous improvement of security controls. Customers will also be able to implement Verodin cyber security measurement and validation solutions “as-a-service” through the FireEye Managed Defense service and as an Expertise On Demand automated service.
Verodin solutions will continue to be available on a standalone basis through Verodin resellers, as well as through the global community of FireEye channel partners. Based on the company’s preliminary evaluation of the Verodin business and the anticipated impact of purchase accounting on Verodin deferred revenue balances, guidance ranges for the second quarter and full year 2019 have been updated to reflect the acquisition.
Additionally, FireEye currently expects the acquisition of Verodin to contribute over $70 million to 2020 billings and be accretive to 2020 revenue, cash flow and non-GAAP operating income.
