Join today’s leading leaders online at Data Summit on March 9th. Register here.
In recent years, Microsoft has emerged as the company to beat when it comes to cybersecurity, with a rich suite of security offerings and unparalleled insight into business applications, cloud workloads, and devices.
Really, who could match them? Who would dare to try?
CrowdStrike has fired its shots — and has seen strong growth that confirms it’s a serious challenger to at least some parts of Microsoft’s security business (particularly in the endpoint space).
But Google Cloud may be the first vendor truly capable of challenging the entire Microsoft security machine.
Google’s $5.4 billion deal to acquire Mandiant, announced today, will enable Google Cloud to deliver an “end-to-end security operations suite that helps organizations stay protected at every stage of the security lifecycle.” said Phil Venables, CISO at Google Cloud. during a press conference.
Well, that sounds a lot like what Microsoft wants to offer enterprise customers, doesn’t it?
Mandiant adds a significant level of security to Google Cloud, well beyond the company’s well-known Incident Response (IR) service offering. Mandiant’s platform includes threat intelligence, security validation, automated defense, attack surface management, and managed defense.
And in terms of services, in addition to IR, Mandiant also offers strategic readiness, technical security and “cyber-defense transformation” – ie helping clients to evolve and mature their security posture.
support of the SOC
However, according to Peter Firstbrook, research vice president and analyst at Gartner, Google Cloud’s approach to achieving the end-to-end security outcome for customers is very different from Microsoft’s.
Microsoft is trying to support all of its own products and services to provide customers with security, while “Google is a little more interested in supporting the SOC — the Security Operations Center,” Firstbrook said.
Google Cloud is therefore focused on making sure customers have “everything they need” for their SOC team, he said.
“So, no matter what security controls they have in place — whether it’s from Palo Alto or Microsoft or Cisco or Trellix or Zscaler — they can filter all of that information in one place and make sense of it,” Firstbrook said. “And then they need someone who can clear those warnings, who’s smart enough to do that.”
Mandiant helps with that part, too, thanks to its managed services offerings, he noted.
During today’s press conference, Mandiant CEO Kevin Mandia emphasized that his company will have the freedom to support environments that “use many different security technologies to secure themselves.”
“I feel like this merger between Mandiant and Google Cloud allows us to be the brains behind so many of the controls that people rely on,” Mandia said. The ultimate offering is Mandiant, plus Google Cloud, plus partnerships with “all the different products that people rely on,” he said.
“We can work with your heterogeneous environments – whatever the endpoint [security] No matter what firewall you’re using, whether you’re on-premises or in the cloud, we can take that security telemetry, store it in Chronicle, and leverage Siemplify’s ability to go from alert to remediation [and] Leverage Mandiant threat intelligence for better telemetry. “Here’s the important thing,” Mandia said. He pointed to Google Chronicle Security Analytics and Siemplify, a security orchestration, automation and response (SOAR) technology provider that Google acquired in January.
Chronicle and Siemplify are all about “interoperability between a lot of other technologies – [they] Work with any firewall company, work with any endpoint company, work with logs generated by different applications,” Mandia said.
In a recent interview with VentureBeat, Sunil Potti, vice president and general manager for Google Cloud’s security business, said the contrast between Google Cloud’s and Microsoft’s security approaches should be apparent.
“Microsoft has made it very clear that when it comes to security, they want to compete with all partners and everyone,” Potti said. In terms of solution sets for many different areas of cybersecurity, “Microsoft decided to build all of these itself,” he said.
Google, on the other hand, has “picked a few markets that we think a cloud provider should be driving alone” and only offers first-party products in those areas, Potti said.
“But around each of these first-party products, we’re going to create an ecosystem that leverages partners,” he said. Again, that’s “unlike Microsoft, which wants to touch everything,” Potti said.
Microsoft declined to comment on this article when it was reached by VentureBeat.
“shot in the bow”
Industry analysts said today that Google Cloud definitely had Microsoft in its sights in the deal to acquire Mandiant. In fact, Microsoft reportedly considered making an offer for Mandiant itself before those talks collapsed and Google Cloud stepped in.
Following Google’s acquisition of Siemplify in January, “acquiring a strong service provider like Mandiant is the next important step in rounding out its offering to be a security leader in more ways than one,” said Forrester analyst Allie Mellen. “Microsoft has dominated the security industry for the past several years, and this string of acquisitions by Google demonstrates its interest in playing a bigger role in the industry.”
And Mandiant appears to be an excellent choice to enable such endeavors.
Mandiant “has a very strong brand and reputation for a reason,” said Hank Thomas, CEO of venture capital firm Strategic Cyber Ventures. “They are the best of the best at what they do. This definitely doesn’t convince some people to move to Google Cloud.”
In a note to investors today, Daniel Ives, managing director of equity research at Wedbush Securities, said Mandiant has established itself as the “Navy Seals of Cybersecurity” over the past decade.
“This deal was a shot across the bow from Google to Microsoft and Amazon with this flagship cybersecurity acquisition from Mandiant,” Ives wrote. Amazon Web Services (AWS) continues to maintain its leading market share for cloud infrastructure services (with 33%), according to Synergy Research Group, followed by Microsoft Azure at #2 (with 21% market share) and Google Cloud at #2.3 (with 10% of the market).
In particular, with Mandiant, Google Cloud will not only be able to compete in end-to-end security – it will even surpass Microsoft in managed security services. One indication of this is that Microsoft is said to have thought about taking over Mandiant itself.
With the ongoing cybersecurity skills shortage, the ability to deliver security as a service will become increasingly important going forward, Firstbrook said.
“No one has enough people to provide security,” he said. “If you want to sell one [security] product, you must now deliver it as a service. It’s not enough to just sell software – most buyers don’t have the people who can use that software.”
All in all, “we’re just seeing a huge interest in managed security services and managed services — because this whole security market is getting way too complicated for the average organization,” Firstbrook said.
And with that in mind, Google Cloud’s ultimate goal is to make security essentially “invisible” to customers, Potti said — to “automatically provide a lot of good hygiene under the covers and only tell you things you pay attention to.” have to”.
Going forward, true differentiation will be about “how beautiful and invisible you make security,” he said. “Because security is an issue right now.”
VentureBeat’s mission is intended to be a digital marketplace for technical decision makers to acquire knowledge about transformative enterprise technology and to conduct transactions. Learn more
https://venturebeat.com/2022/03/08/with-mandiant-google-can-challenge-microsofts-security-dominance/ With Mandiant, Google can challenge Microsoft’s security dominance