Google acquires Mandiant, a Cybersecurity superstar

Google Cloud is ready to acquire Mandiant, a prominent star in cybersecurity that has a history of uncovering gigantic hacks: Chinese hackers in 2013 and the famous SolarWinds incident in 2019-20. Could Mandiant become Google Cloud’s secret weapon?

Organisations around the world are facing unprecedented cybersecurity challenges as attacks increase in sophistication and frequency. Mandiant has the recipe for being a star in its space. It is a powerful brand made famous for uncovering mega hacks and continues to work on sophisticated cyber capabilities and automation. Microsoft was reported to be in talks to acquire Mandiant before Google strategically snatched it for USD5.4 billion, its second-largest deal ever. In a war for talent, automation provides the answer, and Mandiant is well-positioned to address the rising cyber threats by means of automation.

The deal

Google, a subsidiary of Alphabet, will pay USD23 per Mandiant share in an all-cash deal, expected to close this year. Its 5’300 employees will join Google Cloud as soon as the transaction closes. The bid to acquire Mandiant will likely get a thorough review from antitrust regulators, considering the overall antitrust scrutiny that Google is facing in its online search business. Groups that support stronger antitrust regulation have already spoken against the deal.

Mandiant: leader in dynamic cyber defense and response

Armed with its 3’400 workforces, Mandiant stands at the frontline of cybersecurity intelligence and expertise since 2004. Its mission is to protect organisations and critical infrastructure, using innovative technology and expertise gained over decades on the frontlines of cyber attacks.

Mandiant consultants respond to thousands of security breaches every year. Working in the trenches of cybersecurity, Mandiant has the following aims:

  • Transforming itself into a Security-as-a-Service business
  • Mandiant Advantage SaaS platform is a force multiplier for security teams
  • Providing on-demand expertise, to its customers to build cybersecurity teams
  • Building detection products and cyber security programs of choice for organisations


Mandiant has a history of uncovering major hacks, making it a solid security brand of reference.

  • In 2013 it exposed APT1’s enterprise-scale computer espionage campaign, linking APT1 to China’s PLA.
  • In 2020, under the FireEye name at the time, it discovered a supply chain attack with a trojan horse to distribute malware, known as the SolarWinds hack.


In terms of financials, Mandiant revenue reached USD483 million in 2021, up 21% year-over-year, and was projected to grow to more than USD550 million this year.

Transforming Google Cloud

If the deal is approved by regulators, Mandiant is set to bring tremendous value to Google, reinforcing its cloud computing offering of premier cybersecurity services.

Google cloud is a suite of cloud computing services, which work in hand with its data storing, data analytics, artificial intelligence, and machine learning. Google Cloud Platform provides infrastructure, platform, and serverless computing environments.


Google pioneered the Zero Trust approach, an architecture that builds in multiple layers of defense against unauthorised access. The approach helps customers avert cyberattacks and minimise their impact.

Mandiant is set to reinforce real-time and in-depth threat intelligence prevention, with a focus on cybersecurity automation, which is key for Google Cloud to differentiate itself. Last year, Google bought Siemplify, which is an automation and response provider, helping companies better manage their threat response. Google also partners with industry leader Crowdstrike integrating its Falcon platform in Google Cloud’s suite of security products.

Cloud wars intensify

Behind Google’s acquisition of Mandiant, stands a major chess move to keep it away from the hands of Amazon (Amazon Web Services), which has the biggest market share, and Microsoft (Azure).

statista idea cloud

Microsoft is growing fast and remains a fierce competitor for Google.

Last year Microsoft made several acquisitions in cyber security, including CloudKnox (develops a multi-cloud permissions management platform that protects critical cloud infrastructure resources and identities), and RiskIQ (leader in attack surface discovery, intelligence, and threats mitigation).


An acceleration in M&A activity in the space is clearly a possible outcome of Google buying Mandiant, which is referred to by some analysts as the “Navy Seals” of cybersecurity. The strong activity in security deals also reflects the strong demand for security in the current environment. It also shows the broader effort by the major cloud providers to give businesses better defenses against a widening range of threats.


Mandiant could clearly be a win for Google to beef up its cloud offering in what is a highly competitive space, but also rich in growth potential as enterprises are spending generously to face growing cyber threats. Uncertainty remains a significant factor as the deal still requires approval from regulators. Should the deal pass, it will be a sign that the growth case for Alphabet, Google’s parent is strengthening.