FireEye Introduces Cybersecurity Risk Assessment For Mergers & Acquisitions

New Assessment Leverages Expertise of the Intelligence-Led FireEye Security Platform to Identify Risks in M&A Targets’ Environments, Adds New Service Offering Tailored for Law Firms

MILPITAS, Calif. – April 19, 2016 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced the launch of Mandiant® Mergers & Acquisitions (M&A) Risk Assessment, a new rapid service offering cybersecurity assessment as to the level of cyber security risk present in the acquisition that could drive decisions. The new service is launching with FireEye law firm partner Pillsbury Winthrop Shaw Pittman and is available now.

The M&A Risk Assessment is a week-long service evaluating key security components utilizing sector specific best practices and global control frameworks, FireEye’s nation-state grade intelligence, and Mandiant’s decade of experience responding to the most impactful security breaches, in order to identify threats earlier in the M&A process. Mandiant consultants generate risk ratings of target security areas and develop recommendations that customers, their legal partners, and other M&A partners can use for decision making.

Mandiant consultants have developed a unique methodology for M&A Risk Assessment that evaluates four core security areas:

  • Threat Detection & Response to evaluate the maturity and thoroughness of a target organization’s response processes and technologies
  • Access Controls to identify whether proactive controls have been established to prevented unauthorized access to sensitive data
  • Infrastructure Security to ensure that effective controls are in place from network to endpoints to prevent compromise
  • Data Safeguards to determine if proper capabilities exist to identify, monitor and protect high-value information assets

“There has been a very supportive deal environment for M&A activity in parallel with the increasingly complex and effective attacks we have responded to over the last few years,” said Holly Ridgeway, director, information security programs, FireEye. “As attackers have already utilized M&A activity to gain access to other organizations, it is critical that teams take an intelligence-led approach to evaluating and advising on the risks a target organization can introduce earlier in the process and in lock-step with legal and other partners.”

Another key component of M&A Risk Assessment is partnership with legal firms to ensure that allows their customers to be ahead of the curve prior to a breach or security event. FireEye works with law firms to bring our world class products and services to their clients. 

"A close examination of a company's exposure to cyber risk during the merger, acquisition or investment process is no longer optional. In fact, not doing so -- or failing to structure transactions in a way that adequately manages existing and potential cyber threats -- invites significant financial and legal challenges further down the line," said Brian Finch, partner at Pillsbury Winthrop Shaw Pittman LLP.

“FireEye Cyber Risk team partners with law firms that specialize in M&A. Our law firm partners recognize and support the need and solution for a cyber security due diligence that is embedded into their legal process,” said Karen Kukoda, director of cyber risk partnerships.

To learn more about M&A Risk Assessment, join our free webinar Apr. 21:

For more information about Mandiant Services, please visit:

About FireEye, Inc.
has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,400 customers across 67 countries, including more than 680 of the Forbes Global 2000.

© 2016 FireEye, Inc. All rights reserved. FireEye and Mandiant are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products or service names are or may be trademarks or service marks of their respective owners.


Kyrk Storer
FireEye, Inc.

Kate Patterson
FireEye, Inc.