Industry Perspectives Blog

FireEye Enters Agreement to Acquire nPulse Technologies

Today, I’m excited to announce that we’ve entered an agreement to acquire nPulse Technologies, the performance leader in network forensics. The acquisition is expected to close during the second quarter of 2014, subject to standard closing conditions. nPulse has the fastest solution available for high-speed full packet capture and indexing. By combining the nPulse products with the FireEye platform, we’re building enterprise forensics capabilities that will enable incident investigation and remediation that no other security vendor can match. When combined with Mandiant services and the services capabilities of our partners, we’ll be able to provide customers complete visibility into the network with quality analytics that accelerate the path from detection to resolution. This acquisition is a vital part of our long-term strategy to build a single security platform that protects against the most advanced threats and offers customers one solution to detect, contain, resolve and prevent threats.

With the acquisition, FireEye will further expand its security platform with the following:

  • FireEye will offer the industry’s first Enterprise Forensics solution with a unified view of network to endpoint forensics, enabling enterprises to minimize risk and drive down mean time to resolution.
  • The Enterprise Forensics solution, coupled with the FireEye threat analytics solution, will form a comprehensive intelligence platform.
  • The FireEye Network Threat Prevention Platform combined with newly introduced IPS capabilities and the addition of nPulse’s forensics will offer a comprehensive threat management platform.
  • The Enterprise Forensics solution together with FireEye Managed Defense™ will enable the industry’s most advanced managed service capabilities, bringing together deep visibility and rich context from Enterprise Forensics with active defense capabilities of the Managed Defense portfolio.

The New Reality of IT Security

Our Mandiant services team has investigated thousands of breaches and from this experience we know that no matter how good your defenses, with users in the system, every organization has some malicious code within their network. In fact, we know the median number of days attackers were present on a victim’s network before being discovered was 229 days in 2013. But today, when a data breach can result in being called to testify in front of Congress, every organization should be prepared to answer questions about how an attacker got into their network and what data was impacted. Preventing malicious code from entering the network is always key, but now we need to know more - when the malicious code appeared, how the network was compromised and if any data was removed. This is the new reality of enterprise security.

Enterprise Forensics - A Black Box For Your Network

Previously adding enterprise forensics involved building a customized solution that correlated data from multiple point products monitoring different parts of the network and across endpoints. Overwhelmed by cost and complexity, many organizations simply put this off, leaving a wide hole in their IT security and response capabilities. After entering into a technology partnership with nPulse Technologies earlier this year, we saw how our joint customers benefited from bringing together nPulse network information with FireEye threat intelligence and endpoint data.

With this acquisition, FireEye will combine nPulse network forensics with the endpoint products acquired from Mandiant to incorporate attack information from the host, endpoint, network and cloud. We like to think of enterprise forensics as adding a flight data recorder – or a black box – to the network. With complete visibility into the network, the FireEye platform will be able to produce higher quality alerts to help protect against threats as well as quickly quantify the impact of a breach following the discovery of malware on a network. With big-data analytics and real-time capabilities, FireEye will offer enterprise forensics that help answer the most important questions an organization has after a breach.

nPulse extends our reach into an organization’s history because it can log all network activity for as long as they choose to retain that data. With the industry’s fastest lossless, intelligent capture and retrieval, nPulse gives us the ability to “go back in time” to see the full extent of how malicious code behaved on the network. By being the first to deliver end-to-end (network and endpoint) detection and forensics at scale, FireEye enables enterprises to minimize risk by quantifying the impact of a breach while accelerating detection and resolution from days to a matter of minutes. For our Mandiant team and partners, this means we can deliver better service and more comprehensive incident response capabilities.

And most importantly, by reducing incident investigation time, providing validated breach information and improving the quality of alerts, our customers and clients can reduce their exposure to attacks while substantially reducing operational expenses.

At FireEye we’re building the most comprehensive security platform and I look forward to welcoming the nPulse Technologies team to the FireEye family. In the short term after the acquisition, nPulse will continue to operate normally and current customers should expect no disruption in current capabilities and service. Over the coming months after the acquisition, we’ll work to combine the nPulse products with the FireEye platform and bring enterprise forensics to all our customers and partners. Once again, FireEye is leading the way to solve the most complex and time-consuming security challenges.


Forward-Looking Statements

This blog post contains forward-looking statements about the expectations, beliefs, plans, intentions and strategies of FireEye relating to its pending acquisition of nPulse. Such forward-looking statements include statements regarding the impact of the pending acquisition of nPulse on FireEye’s competitive position, future product offerings and potential benefits of current and future product offerings. These statements reflect the current beliefs of FireEye and are based on current information available to us as of the date hereof, and FireEye does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made. The ability of FireEye to achieve these business objectives involves many risks and uncertainties that could cause actual outcomes and results to differ materially and adversely from those expressed in any forward-looking statements. These risks and uncertainties include market adoption of FireEye’s virtual machine-based security platform; the termination of FireEye’s pending acquisition of nPulse if FireEye and nPulse fail to satisfy the conditions for closing in the definitive agreement; the failure to achieve expected synergies and efficiencies of operations between FireEye and nPulse; the ability of FireEye and nPulse to successfully integrate their respective technologies, products, personnel and operations; FireEye’s ability to attract and retain new customers and expand and train its sales force; the failure to timely develop and achieve market acceptance of combined products and services; the potential impact on the business of nPulse as a result of the pending acquisition; the loss of any nPulse customers; the ability to coordinate strategy and resources between FireEye and nPulse; the ability of FireEye and nPulse to retain and motivate key employees of nPulse; general economic conditions; as well as those risks and uncertainties included under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” in FireEye’s  Form S-1 filed with the Securities and Exchange Commission on April  22, 2014, which is available on the Investor Relations section of FireEye’s website at and on the SEC website at Any future product, feature, or related specification that may be referenced in this blog post are for information purposes only and are not commitments to deliver any technology or enhancement. FireEye reserves the right to modify future product or service plans at any time.