Fireeye Braintree

Fireeye Braintree

LOS ANGELES | SAN FRANCISCO | NEW YORK | BOSTON | SEATTLE | MINNEAPOLIS | MILWAUKEE July 22, 2013 Michael Pachter Sanjit Singh Gil Luria (213) 688-4474 (212) 938-9922 (213) 688-4501 [email protected] [email protected] [email protected] PRISM … Progress Report for Internet and Social Media In This Issue: FireEye, Braintree FireEye Cyber-security company founded in 2004. Specializes in protection against advanced persistent threats (APTs). Experienced rapid revenue growth; 55,413% from 2007 through 2011. Over $100 million in total venture funding; expected to go public later this year. We estimate FireEye’s total value to be approximately $2.25 billion. Braintree Online payment processing software developer founded in 2007. Has seen rapid expansion thanks to adoption by fast-growing Web 2.0 merchants. Self-funded until 2011; now has $69 million in total venture funding. THE INFORMATION HEREIN IS ONLY FOR ACCREDITED INVESTORS AS DEFINED IN RULE 501 OF REGULATION D UNDER THE SECURITIES ACT OF 1933 OR INSTITUTIONAL INVESTORS. WEDBUSH PRIVATE COMPANY STRATEGIES GROUP Wedbush Securities does and seeks to do business with companies covered in its research reports. Thus, investors should be aware that the firm may have a conflict of interest that could affect the objectivity of this report. Investors should consider this report as only a single factor in making their investment decision. Please see page 11 of this report for analyst certification and important disclosure information. FireEye FireEye, a cyber security company founded in 2004, plans an initial public offering this year at a total valuation estimated at $1.25 billion (according to an article by Business Insider). The firm has experienced rapid growth since its founding by Ashar Aziz in Milpitas CA. In 2012 Deloitte named it the fourth fastest growing technology company in the United States. From 2007 through 2011 the firm grew revenues by 55,413%, with a compound annual growth rate of 187%. Press releases from the company indicate that customer count rose from 500 in August of 2012, to 800 in November of 2012, to 1,000 in January of this year. Security Threats FireEye’s technology is designed to protect large computer networks from malicious software, commonly known as “malware.” Specifically, FireEye targets a new breed of sophisticated programs known as “advanced persistent threats,” or APTs. Such malware has become higher profile in recent months as several large U.S, companies have come under cyber- attacks, the U.S. and Chinese governments have accused one another of state-sponsored hacking. Many of these attacks have come in the form of APTs. Security professionals have differing definitions of advanced persistent threats; in general, they are malware that is designed to circumvent traditional Internet security measures, and remain inside a system for long periods of time without detection. Typically they are coordinated efforts by teams of hackers targeting a specific organization or system, as opposed to a single opportunistic individual who comes across a weak system and quickly exploits it. Once the malware embeds itself in the system, it searches for valuable information and transmits it to the hacker. Among this information will be user credentials, with which the group will be able to access the system if the malware is ever discovered and eliminated. This is one reason why APTs are so dangerous: the threat “persists” even after the malicious software is gone. The other hazardous element is the fact that the APT is usually customized for the particular system it is attacking. This is how it circumvents traditional security software, which relies on a “blacklist” of known malware, and blocks anything that matches the list from entering the system. Because APTs are customized, they will not appear on any blacklist. These are often referred to as “zero-day threats,” because security firms have zero days to prepare for them. Often, offenders will target individuals as a means of accessing a system. They may stalk an employee of a corporation using social networks, gathering information that may be used to eventually gain access to the targeted network. For example, Symantec found that in 2011, a number of chemical companies were infiltrated by malicious emails that were sent to employees posing as meeting invitations from well-known suppliers. The messages installed Trojan Horse software that enabled the hackers to take valuable intellectual property. The increasing number of employees using their personal electronics on company networks appears to be increasing the potential for security breaches. Technology FireEye designs appliances that run virtual duplicates of a system within them. Whenever software is sent to the system, the appliance intercepts it and runs the program inside the virtual system. FireEye’s software observes the program, watching for suspicious behavior. If the software acts like an APT, it is quarantined before it ever reaches the real system, with the process taking fractions of a second. The company offers different machines for different types of protection (web, email, file sharing), as well as all-in-one systems. Clients can also subscribe to Dynamic Threat Intelligence, which culls reports on detected threats from participating appliances and distributes them automatically to other Source: Symantec subscribers. Leadership FireEye is the second company founded by Ashar Aziz, who received an undergraduate degree in Electrical Engineering and Computer Science from MIT, and a Master’s degree in Computer Science from UC Berkeley. He started his first company, Terrasping, in 1999 after working for Sun Microsystems for 12 years as an engineer in network security. After three years and $54.5 million in funding (according to the San Francisco Business Times), Terraspring was acquired by Sun, and Aziz became a Chief Technology Officer. He remained in this role until 2004 when he left Sun to create FireEye. He has received over 20 patents in the area of networking and cryptography. In November of 2012, the role of CEO was handed to Dave DeWalt, who had been Chairman of the Board since June of that year. DeWalt had previously been CEO of the antivirus software company McAfee since 2007. DeWalt took McAfee, which had been investigated for fraud and delisted from the NYSE (according to Business Insider) and rebuilt it, later selling it to Intel for $7.8 billion in February of 2011. He has also held executive positions at Oracle, EMC and Documentum and was named to President Obama’s 2 National Security Telecommunications Advisory Council in May of 2011. He confirmed in the Business Insider interview that he had turned down 40 CEO job offers before choosing to lead FireEye. Business Model FireEye charges flat prices for its appliances. According to company representatives, FireEye previously charged customers additional per-seat fees for each individual user, but that is not always the case now. Currently, pricing is more dependent on the customers’ size and security requirements. Payment for the appliances is received upfront, via cash or financing. The units come in various sizes and prices, depending on the application, but they typically start at approximately $54,000 (via FireEye.com). The company also takes in revenue from subscriptions to its Dynamic Intelligence Solutions service; pricing for this service is also dependent on the client and its needs. Market A survey by the Ponemon Institute found that each of the large companies it studied experienced about two Enterprise Security Market Ex-Services successful attacks per week (via InfoSecIsland). A $23bn Market Growing at ~8% security report by Imperva indicated that, among a group $35 of observed web applications, each one was attacked 71 $30 $32.7 times per hour from just one type of attack (known as a $30.7 $25 $28.7 $26.7 SQL injection). The attacks occasionally peaked up to $24.6 1,300 attempts per hour. A recent article by The Verge $20 $21.2 $22.6 revealed that the University of Wisconsin gets 90,000 to $15 100,000 break-in attempts each day. Not all of these $10 attacks are advanced persistent threats, but studies $5 show that APTs are becoming more frequent and are Market in Size Billions $ of $0 broadening their target base. The number of monthly 2011 2012 2013 2014 2015 2016 2017 APTs increased by 542% over the course of 2011, and Source: Gartner half of the attacks were directed at organizations with fewer than 2,500 employees (according to Symantec, see charts below). FireEye CEO DeWalt has indicated that he believes the company’s market is $25 billion in size annually (via PandoDaily). This agrees with figures produced by Gartner (see chart above), which estimates the Enterprise Security Market to be $24.6 billion for 2013, with a projected annual growth rate of approximately 8% through 2017. Source: Symantec 3 While FireEye’s technology is at the leading edge of the sector, it may not Enterprise Network Security Q1 of 2013 Market Share become a dominant force within the $1.65bn Total Size in FQ1 of 2013 security services industry due to the scope of its services, as its product offerings are more focused relative to other large players in the space. Although advanced persistent threats are a dangerous and growing portion of Internet attacks, they are still only a fraction of the total threats Cisco, 21.0% for which security services are needed. Large competitors, such as Cisco (CSCO), Others, 28.8% typically deliver a wider range of services (e.g., firewalls and gateways) in order to Check Point WatchGuard offer complete systems to clients. Software However, one of the key strengths of Technologies, Technologies, FireEye’s offerings is that they protect 2.2% 15.7% against multiple threat vectors, including IBM, web, email and files. Other vendors, such 2.5% HP, 2.6% as Proofpoint, have advanced solutions based on a single specific threat, such as SonicWALL, Juniper email only.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    15 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us