FireEye Enters Agreement to Acquire nPulse Technologies

Combination Creates Industry’s First Solution to Deliver Enterprise Forensics From the Endpoint to the Network, Providing Visibility Across the Entire Attack Life Cycle and Accelerating Threat Response and Remediation

FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced the execution of a definitive agreement to acquire privately held nPulse Technologies, the performance leader in network forensics. The combination of the nPulse network forensics solution with the FireEye Security Platform will deliver the industry’s only Enterprise Forensics solution for visibility into the entire attack life cycle - from network intrusion to endpoint exploitation and lateral movement. The transaction is expected to close during the second quarter of 2014, subject to standard closing conditions.

With the acquisition, FireEye will further expand its security platform with the following:

  • FireEye will offer the industry’s first Enterprise Forensics solution with a unified view of network to endpoint forensics, enabling enterprises to minimize risk and drive down mean time to resolution.
  • The Enterprise Forensics solution, coupled with the FireEye threat analytics solution, will form a comprehensive intelligence platform.
  • The FireEye Network Threat Prevention Platform combined with newly introduced IPS capabilities and the addition of nPulse’s forensics will offer a comprehensive threat management platform.
  • The Enterprise Forensics solution together with FireEye Managed Defense™ will enable the industry’s most advanced managed service capabilities, bringing together deep visibility and rich context from Enterprise Forensics with active defense capabilities of the Managed Defense portfolio.

“The new reality of security is that every organization has some piece of malicious code within their network,” said David DeWalt, chairman of the board and chief executive officer of FireEye. “The more important question is has that code been able to execute any compromising activity that puts the organization at risk, and if so, what data left the network? With the addition of the nPulse solution, the FireEye platform will have a “flight recorder” for security analytics. By incorporating real-time breach information from the endpoint and the network, we’re building a single platform to provide the most in-depth attack information and the right data to protect and remediate before a compromise turns catastrophic.”

The nPulse product portfolio provides full packet capture and indexing for ultra-fast search and analysis of network traffic. When combined with the endpoint products acquired from Mandiant, FireEye will be able to offer customers Enterprise Forensics capabilities across both gateway and endpoint nodes. With the addition of deep analytic capabilities, FireEye will continue to redefine the security architecture, providing customers with a single security platform that delivers precise alerts with detailed forensic data on the full scope of an attack.

Using high-quality forensics and validated alerts, customers will have the ability to detect and prevent data loss. In the event of a breach, detailed attack information is recorded to track the full scope of a breach so security teams can move quickly to incident response and remediation, saving hours of investigation time and reducing operational expense. Following a breach investigation, organizations have a detailed report of breach activity and, when necessary, the ability to disclose investigation results with confidence.

“With this acquisition, FireEye continues to align its endpoint security offerings with emerging requirements,” said Jon Oltsik, senior principal analyst at ESG. “Today, enterprises need as much insight into breaches to understand them in tremendous detail. By combining endpoint and network visibility, FireEye gives security teams the information they require to respond to attacks and remediate threats of advanced attacks quickly with the right intelligence, analytics, and automation." ​

The key to the nPulse solution is the ability to capture full packets at high speeds and index them in real time, enabling big-data analytics and rapid search capabilities paired with layer seven visibility. Well-maintained perimeter defenses are a critical part of any security strategy, but as attacks grow more sophisticated, quickly analyzing persistent threats and incident response for advanced malware breaches is a necessity. nPulse complements the existing FireEye Web and email products by augmenting the FireEye Multi-vector Virtual Execution™ (MVX) technology with deep analytics. Once attempted malware downloads or callbacks are detected, the priority shifts to a thorough analysis of what may have been missed during the lifetime of the breach, and any activity from potentially infected clients. The nPulse solution also enables expeditious reconstruction of the kill chain and is designed to perform at 10 Gbps full duplex, providing capture, inspection, and exposing indications of compromise within minutes. For the Mandiant services team, the addition of of nPulse’s network forensics solution will result in faster incident response capabilities and enable more detailed data for the Managed Defense service.

“When we established a partnership with FireEye, our customers immediately realized the value of having comprehensive threat information in one central dashboard,” said Tim Sullivan, president and chief executive officer of nPulse Technologies. “As the security industry evolves, customers are looking for one trusted partner to provide a comprehensive solution that provides threat data as well as a path to remediation. We’re looking forward to joining the FireEye team and helping to transform the security industry.”

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,200 customers across more than 60 countries, including over 130 of the Fortune 500.

Forward-Looking Statements

This press release contains forward-looking statements about the expectations, beliefs, plans, intentions and strategies of FireEye relating to its pending acquisition of nPulse. Such forward-looking statements include statements regarding the impact of the pending acquisition of nPulse on FireEye’s competitive position, future product offerings and potential benefits of current and future product offerings. These statements reflect the current beliefs of FireEye and are based on current information available to us as of the date hereof, and FireEye does not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made. The ability of FireEye to achieve these business objectives involves many risks and uncertainties that could cause actual outcomes and results to differ materially and adversely from those expressed in any forward-looking statements. These risks and uncertainties include market adoption of FireEye’s virtual machine-based security platform; the termination of FireEye’s pending acquisition of nPulse if FireEye and nPulse fail to satisfy the conditions for closing in the definitive agreement; the failure to achieve expected synergies and efficiencies of operations between FireEye and nPulse; the ability of FireEye and nPulse to successfully integrate their respective technologies, products, personnel and operations; FireEye’s ability to attract and retain new customers and expand and train its sales force; the failure to timely develop and achieve market acceptance of combined products and services; the potential impact on the business of nPulse as a result of the pending acquisition; the loss of any nPulse customers; the ability to coordinate strategy and resources between FireEye and nPulse; the ability of FireEye and nPulse to retain and motivate key employees of nPulse; general economic conditions; as well as those risks and uncertainties included under the captions “Risk Factors” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” in FireEye’s  Form S-1 filed with the Securities and Exchange Commission on April  22, 2014, which is available on the Investor Relations section of FireEye’s website at and on the SEC website at Any future product, feature, or related specification that may be referenced in this release are for information purposes only and are not commitments to deliver any technology or enhancement. FireEye reserves the right to modify future product or service plans at any time.

Media contact:

Vitor De Souza

FireEye, Inc.


Investor contact:

Kate Patterson

FireEye, Inc.


Source: FireEye, Inc.


© 2014 FireEye, Inc. All rights reserved. FireEye, Mandiant, Managed Defense and Multi-vector Virtual Execution are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.