The increased weaponization of zero-day vulnerabilities has resulted in unprecedented demand for FireEye’s threat intelligence and expertise, according to CEO Kevin Mandia.
The Milpitas, Calif.-based platform security vendor blew the whistle on the SolarWinds hackers, alerting the world Dec. 8 that it had been hacked and determining days later that SolarWinds was the source of the compromise. Then just last week, FireEye publicly disclosed an authentication bypass zero-day flaw in Pulse Secure as well as a zero-day flaw in SonicWall email security, both of which had been exploited.
“You keep reading that the Mandiant brand or FireEye brand is finding these things,” Mandia told CRN Tuesday. And we’re finding them because we’re doing investigations, and we are dogged in our determination to figure out, ‘So how did this intrusion happen?’”
The continued success of nation-state hackers in high-profile attacks such as SolarWinds and the on-premises Microsoft Exchange server compromise had prompted customers to pause and rethink their security strategy, Mandia said. As the threat environment escalates, Mandia said organizations are increasingly coming to realize that conventional safeguards aren’t effective at reducing risks.
As a result, Mandia said customers are looking to combine their commonly used safeguards with FireEye’s expertise and intelligence to adapt faster to new and emerging threats. FireEye has therefore doubled down on efforts to embed its threat intelligence and expertise into the company’s own products as well as the company’s Mandiant Advantage SaaS offering, which now has three modules.
“We’ve never been more relevant or more needed in cybersecurity,” Mandia told Wall Street analysts Tuesday. “So I want to thank the teams that have been on the frontlines, finding the zero days and protecting our customers as well as organizations that aren’t our customers.”
Mandia urged solution providers to discuss zero trust, cloud visibility, cloud security and ransomware protection with their customers. From there, Mandia said channel partners should look for products that can proactively scan customer networks for vulnerabilities, conduct validation testing, leverage AI and machine learning developed by security experts, and upgrade to cloud-based identity management.
“As more and more folks are going to cloud, you’re getting better identity management for your cloud offerings than you are in your on-prem,” Mandia told CRN.
FireEye’s sales for the quarter ended March 31 jumped to US$246.3 million, up 9.6 percent from US$224.7 million the year prior. The result beat Seeking Alpha’s estimate of US$237 million.
The company’s net loss improved to US$55.2 million, or US$0.24 per diluted share, 27.6 percent better than a net loss of US$76.3 million, or US$0.35 per diluted share, last year. On a non-GAAP basis, the company recorded net income of US$19.6 million, or US$0.08 per diluted share, improved from a net loss of US$4.1 million, or US$0.02 per diluted share, the year before. That edged out Seeking Alpha’s non-GAAP earnings projection of US$0.06 per share.
FireEye’s stock dropped US$0.05 (0.24 percent) to US$20.74 per share in after-hours trading. Earnings were announced after the market closed Tuesday.
Product, subscription, and support revenue in the quarter climbed to US$183 million, up 5.1 percent from US$174.1 million the year prior. And professional services revenue climbed to US$63.3 million, up 25 percent from US$50.6 million last year.
For the coming quarter, FireEye expects to record non-GAAP net income of US$0.08 to US$0.09 per diluted share on sales of between US$246 million and US$250 million. That’s slightly better than analyst expectations for non-GAAP net income of US$0.08 per share on revenue of US$244.07 million, according to Seeking Alpha.