This week, FireEye acquired nPulse technologies to strengthen its security platform. FireEye’s security platform is built on the concept that securing a business cannot be done at singular points, as is the case with legacy security platforms. FireEye’s approach is to gather as much information as it can, from sources such as Web, email, mobile devices, and the network, and analyze the data to more accurately find and analyze threats and intrusions.
The accuracy of FireEye’s platform is based on the data that it has to analyze. The more you can see, the more accurate the security. Given that the company ponied up about $70 million ($60 million in cash and $10 million in stock based on milestones) for one of its partners, nPulse technologies is intended to allow FireEye to see more. nPulse was actually a partner of FireEye’s prior to the acquisition, and I’m guessing the value that nPulse provided as a partner led to the purchase.
The product from nPulse processes and indexes network packet data very quickly, as well as providing the capability to query the information to gain visibility into what happened during any kind of breach or intrusion. Without nPulse, customers would have to sift through reams and reams of data and log files and somehow manually correlate the data with the intrusion. Unless you’re Mr. Spock, manual analysis and correlation is almost impossible unless it’s the full-time job of a team of people. Personally, I’d prefer having Spock on staff (the Leonard Nimoy version; no offense to Zachary Quinto) but a tool like nPulse is almost as good.