McAfee Enterprise-FireEye relaunches as Trellix, aims to be ‘market leader’ in XDR

Did you miss a session from the Future of Work Summit? Visit our Future of Work Summit on-demand library to stream.

The cybersecurity giant formed last fall by the merger of McAfee Enterprise and FireEye has a new name, Trellix, and a new mission to become a dominant force in the fast-growing market for Extended Search and Response (XDR).

“Where we’re going to be the market leader in XDR,” Trellix CEO Brian Palma said in an interview with VentureBeat.

In October, private equity firm Symphony Technology Group closed its acquisition of FireEye and linked the well-known cyber vendor to another big name in the industry, McAfee Enterprise, which Symphony acquired in July. Palma, formerly executive vice president for FireEye’s products business, was appointed CEO of the joint venture at the time.

With today’s announcement, both the FireEye and McAfee Enterprise brands will retire, and will no longer be used with any products, Palma said.

Double reduction on XDR

The joint venture generated about $ 2 billion in revenue in 2021, and the fourth quarter of the year saw an increase in the percentage of revenue among “middle-aged teenagers,” Palma said. The company’s new focus on the XDR market “resonates with consumers, and we expect growth again in 2022,” he said.

Focusing on XDR as a way to provide security that is highly adaptable to a wide variety of customer environments, “We are not just two companies together. We are a completely new entity, “said Palma.

XDR definitions vary, but Gartner defines it as a cloud-distributed technology that “integrates, correlates, and references data and alerts from multiple security prevention, detection, and response components.” The idea is to understand the warnings coming from a myriad of tools so that security operations teams can prioritize their efforts around real and most serious threats.

While less than 5% of organizations are using XDR today, it is expected to grow to 40% by 2027, according to a recent report by Gartner. Notably, the XDR arena is already becoming crowded, with the research firm adding 19 key players in space (two of which are McAfee Enterprise and FireEye).

Security complexity

Underpinning the XDR opportunity is the fact that cybersecurity is simply “becoming more and more complex,” Palma told VentureBeat. He cited software supply chain attacks such as the Solarwinds breach – first announced by FireEye in December 2020 – and the widespread Apache Log 4 j vulnerability announced last month.

However, XDR is prime to serve as a response to complexity, and “I think we’re at the forefront of that cycle,” Palma said. “We are well aligned for that market transition and architecture.”

The XDR platform can take a different approach-focusing on relating data from some native tools and emphasizing another “open” approach, providing analysis for data collected from third-party tools.

One key difference for the Trelex XDR platform is that it enables both approaches, Palma said. “While we support the original, we also support the open. So we’re going to embrace every other tool you can imagine, “he said.

The Trellix XDR will be able to ingest and engage data from 600 different tools in addition to the company’s own native tools, which is a “big advantage,” Palma said.

Endpoint Security and Discovery

Key components of the XDR platform include endpoint protection and endpoint detection and response (EDR) solutions, he said. Trelix has technology offerings from both McAfee Enterprise and FireEye businesses in these areas, and the joint venture is “working to bring it together so that we can be the best in the class for our customers,” Palma said.

Trelix expects a single offer for endpoint protection and a single offer for EDR at some point in 2022, he said. Those offers will be available to “meet our customers wherever they are”, whether their environment is on-premises, hybrid or in the cloud, Palma noted.

On the contrary, “many of our competitors can now only serve cloud customers – they’ve switched to that completely,” he said.

Security operations

Meanwhile, the Trellix XDR platform also brings a bunch of solutions for security operations, along with tools that spread security information and management (SIEM); Security Orchestration, Automation and Response (SOAR); And User and Entity Behavior Analytics (UEBA).

“We have on-love SIEM. We have the original Cloud SIEM, historically known as Helix and it comes from the FireEye side તે it’s a SIEM-SOAR tool. And we have the UEBA tool, “Palma said.” So we bring it all together in one security operation console. That console will use not only our own core technology, but more than 600 other technologies. “

This width of offering is another top advantage for trellis, he said. “Many competitors play in the security ops market or the endpoint market, but not in both,” Palma said.

Threat laboratories

The third key component for the Trellix XDR platform is its threat lab branch, which operates “billions of sensors out of the market” to collect security telemetry, Palma said. Trelex’s Threat Labs leverages relationships with companies such as Mandiant (formerly a subsidiary of FireEye) on threat intelligence.

“You’re going to see us do a lot with our threat lab, which really empowers our technology platforms – vulnerabilities, risky artists, getting real-time information on our platforms,” ​​Palma said.

Some of the offerings from the former McAfee Enterprise business will not be included as part of the trilogy. STG plans to expand McAfee Enterprise’s Secure Services Edge portfolio as a separate company this quarter – including Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), and Zero Trust Network Access (ZTNA) solutions. Mukti The name of the new company has not been revealed.

Symphony paid 1.2 billion for the FireEye products business and $ 4 billion to acquire the enterprise security business from McAfee, which continues as a consumer protection software firm.

‘Live’ security

At launch, Trelex has a total of 40,000 subscribers and 5,000 employees, according to the release.

Palma said the ultimate vision for Trelix revolves around providing “live” security – capable of adapting to the rapidly changing dynamics in cybersecurity as well as the heterogeneous operating environment that has gone through the shift. To work remotely. (The company name refers to a garden lattice that supports the plant as it grows તેથી hence the concept of “living” protection.)

Supporting an open approach with XDR avoids “fighting facts” in the cyber industry and moves towards supporting an “adaptable, flexible ecosystem,” Palma said. “We’re really moving to the same place – which was an important part of our business, but not where we came from historically. So this is a big change.”

XDR vendors listed in its most recent report by Gartner, along with McAfee Enterprise and FireEye. , Fortinet. , Sophos, Tehtris, Trend Micro, and VMware.

Meanwhile, open XDR vendors who have recently added funds include Hunters, which raised $ 30 million in August; Stellar Cyber, which landed 38 million in November; And ReliaQuest, which in December announced an undisclosed increase in pre-money valuations to over $ 1 billion.


VentureBeat’s mission is to become a digital town square for technical decision makers to gain knowledge about transformative technology and practices. Our site delivers essential information on data technologies and strategies so you can lead your organizations. We invite you to access, to become a member of our community:

  • Up-to-date information on topics of interest to you
  • Our newsletters
  • Gated idea-leader content and discounted access to our precious events, such as Transform 2021: Learn more
  • Networking features and more

Become a member

Similar Posts

Leave a Reply

Your email address will not be published.