The news broke on today (Tuesday March 8th 2022) as Google put out an announcement indicating their intent to purchase Mandiant and that they had signed an agreement to do so. Google is looking to roll the Mandiant into their existing Google Cloud platform. Google has previously picked up companies like BeyondCorp Enterprise. Virus Total, and Chronicle. Google is now looking to provide an end-to-end security service. According to the ad giant, Google will now be able to deliver:
Advisory Services: Mandiant’s proven global expertise in providing comprehensive incident response, strategic readiness and technical assurance helps customers mitigate threats and reduce business risk before, during and after an incident.
Threat Detection and Intelligence: Mandiant’s experience detecting and responding to advanced adversaries offers customers actionable insights into the threats that matter right now.
Automation and Response Tools: Security operations tools within Google Cloud’s Chronicle, Siemplify solutions and Mandiant’s Automated Defense help customers analyze, prioritize and streamline threat response and leverage Mandiant’s expertise as a virtual extension of their teams.
Testing and Validation: Mandiant Security Validation helps customers continuously validate and measure the effectiveness of cybersecurity controls across cloud and on-premise environments, and complements Google Cloud’s Security Command Center to help ensure strong risk management.
Managed Defense: Mandiant's managed detection and response service acts as a seamless extension of customers' security teams, delivering continuous monitoring, event triage and threat hunting that's agnostic to customers' endpoint and network tooling.
On the surface and from a purely academic standpoint, the purchase does make sense. Google’s existing IR and response tools for customers are not exactly where they should be despite the massive amount of data and telemetry they collect. Adding in Mandiant’s tool set will allow them to offer a significant security advantage over Microsoft and Amazon. It is a missing piece of Google’s security puzzle in much the same way that Mandiant was for Microsoft.
All that being said, the thought of Microsoft controlling both the OS, Cloud Platform and security was a bit concerning to many people. We wonder what the feeling will be about this acquisition will be. Google seems to always be in the news for abuse of data collection, privacy and even a lack of security (look at how many banking trojans are in the Play Store). The addition of Mandiant and their automated data collection tools might be seeing as augmenting their already concerning data collection practices.
The deal does still have to jump through the regular hoops before it gets approved/ It could be that Google’s history of data collection abuses will come back to haunt them here… at least it might if the people responsible for determining these things knew what each company really did. In the end, this deal is likely to go through quickly. Google will roll them into their existing tools set and offer clients a potentially better security posture when using GCP. They (Google) will also very likely use the technology that Mandiant offers to augment their data collection efforts behind the scenes despite all of the warnings and fines they have received in the past.