Shares of advanced cyber-security threat detection platform provider FireEye Inc. (FEYE) rallied up 38.6% on Friday, and are up another 3% by noon on Monday, after it raised guidance for 4Q/2013 and FY 2014 revenues, and announced a game-changing $1 bill. acquisition of fellow cyber-security firm Mandiant. The acquisition brings together advanced threat detection capabilities of FireEye with the incident response management capabilities of Mandiant to provide an end-to-end solution to help corporate and government clients fight against advanced targeted cyber-attacks.
If you think you have heard of Mandiant before, you probably have, as it made national news when it released a report in February 2013 directly implicating China in cyber espionage to gain economic advantage. It released documenting evidence that the People's Liberation Army (PLA) Shanghai-based Unit 61398 targeted at least 141 organizations in the U.S. and other English-speaking countries extending as far back as 2006, including uploading to YouTube one such specific intrusion. This five-minute video has been viewed almost half a million times, and is very interesting and informative, even entertaining, documenting the exact steps that the alleged attacker goes through to mount an advanced cyber-attack.
The nature of cyber-attack is rapidly morphing from an individual or criminal entity trying to steal your credit card info to nation states, like China in this instance, allegedly using much more advanced tools at their disposal to mount advanced cyber-attacks of the kind that traditional signature-based platforms are simply unable to detect, much less protect. The implication is that most enterprises are simply unaware of the level to which these intrusions are taking place, and the valuable IP, and associated future revenue and profits, that are being lost to foreign enterprises and government players.
FireEye is a unique and revolutionary company in the IT security industry, funded in part by the CIA's venture-capital arm, In-Q-Tel, and leading silicon valley venture capital firms. While traditional signature-based systems look backward, in terms of scanning for and blocking threats that have previously been detected, thereby leaving a big hole in terms of client systems being vulnerable to yet-undetected threats, FireEye has a patented system that outsmarts the cyber-criminals. Its patented virtual machine-based Multi-Vector Virtual Execution (MVX) security appliances deployed worldwide detect these threats by running suspicious code or opening suspicious emails in a protected area so they can be blocked or quarantined if needed without endangering the client systems, and then FireEye's system makes the details of that attack available to all of its customers via its cloud-based infrastructure.
FireEye has deployed two million of these security appliances worldwide to help detect and stop threats on the network. With the acquisition of Mandiant, its network-based security platform will combine with and leverage Mandiant's leadership in endpoint-based threat detection, including services for advanced forensics and incident response. Mandiant's platform monitors in real-time over two million endpoints, that when combined with FireEye's platform will provide the most comprehensive cyber-security platform in the market today that can detect, resolve and prevent advanced attacks on a global basis.
We are excited about the deal for many reasons. First, FireEye has said that the deal will almost triple its total addressable market, from $11.6 bill. to $30 bill. And to do that, FireEye is spending approximately $1 bill. in cash and shares, about a fifth of its market-cap before the announcement. Moreover, Mandiant is projecting sales of over $100 mill. in 2013, compared to FireEye's latest guidance of $159 mill. to $161 mill. for FY 2013. In terms of growth, both FireEye and Mandiant revenues are expected to grow strongly next year, FireEye's by over 50% to $240 mill. to $250 mill., and Mandiant's by about 60% to $160 mill. Even discounting by the slightly higher growth expected at Mandiant in FY 2014, whether you look at the expansion in total addressable market or the increase in revenue, it seems that FireEye shareholders got a great deal in the Mandiant acquisition.
Second, the combination promises to be transformative in the cyber-security advanced threat protection marketplace, bringing together all of the required key components, and providing the latest next-generation platform that can protect not just against known threats like traditional signature-based platforms, but also yet undetected threats. It will include network-based threat detection and prevention with FireEye products, and endpoint-based threat detection, investigation and incident response services using Mandiant's products and services. The bringing of the entire threat protection suite under one roof will allow the new FireEye, post-acquisition, to innovate faster, further leapfrogging its competition and putting up formidable anti-competitive barriers against tech leaders like Cisco, HP and IBM.
Third, due to the complementary nature of their product offerings, there are significant cross-selling opportunities that will help further accelerate growth. Thus, FireEye can target endpoint products to its customer base, and also sell its e-mail and web malware protection systems to Mandiant's customer base. Also, due to its more extensive international presence, FireEye can greatly accelerate Mandiant's revenues in the global marketplace.
Fourth, Mandiant is currently profitable. This is great news for FireEye shareholders, as the lack of profits anywhere on the horizon has been a sore point for many potential investors and bears. The addition of Mandiant's revenue and income stream to FireEye's, in addition to any cost synergies from the acquisition, can only help in that regard.
Fifth, Kevin Mandia, Mandiant's founder and chief executive officer prior to the acquisition, has been appointed by the FireEye board of directors to the position of senior vice president and chief operating officer of FireEye. Mr. Mandia has been profiled on the cover of Fortune magazine and recognized by Foreign Policy magazine as one of the 100 leading global thinkers of 2013. Under his leadership, Mandiant received the SC Award in both 2012 and 2013 for exemplary professional leadership in IT security, and his addition to FireEye's senior management team should be a positive going forward.
In addition, FireEye raised guidance on the day of the acquisition announcement, including providing more details in its conference call presentation later that day. It now expects the upcoming 4Q/2013 revenues at $55 mill. to $57 mill. vs. its guidance of $52 mill. to $54 mill. in the prior 3Q/2013 conference call in November, and up 74%-80% year-over-year vs. $31.7 mill. in 4Q/2012. Also, it raised billings guidance for 4Q/2013 to between $159 mill. to $161 mill. vs. prior guidance of $156 mill. to $158 mill. For FY 2014, FireEye guided that it expects total revenue to be $400 mill. to $410 mill. for the combined company, including reiterating its prior guidance for the stand-alone FireEye at $240 mill. to $250 mill. Also, it raised billings guidance for the combined company for FY 2014 to $540 mill. to $560 mill., including reiterating its prior guidance for the stand-alone FireEye at $350 mill. to $370 mill.
FireEye was a hot IPO in September 2013, with shares more than doubling at its intra-day peak the day of the offering, from its offering price of $20. In fact, the IPO price was initially set at $12 to $14, and the price had already lifted to almost $45 at its highs before last week's announcement. So the company has its share of naysayers, who have been bearish on the company since its IPO. It is understandable given that the new FireEye post-acquisition, is still trading at 33x trailing-twelve-month (TTM) sales at its current $57 price, the stand-alone FireEye generates negative EBITDA and is expected to continue to do so until at least 2015, and profits are seen nowhere on the horizon. In fact, losses climbed from $0.34 in the June 2013 quarter to $0.43 in the latest available September quarter, and were up from $0.23 in the March quarter.
But all of these things were also true before last week's announcement, and shares have continued to be strong despite that. Our contention is that the transformative deal announced last week of the acquisition of Mandiant by FireEye creates a new leader in the advanced threat protection marketplace, with an end-to-end product suite and a much stronger competitive edge and value proposition than before. In this scenario, we expect FireEye shares to continue to remain strong. While 33x TTM sales is very high, we have seen even higher valuations before, and given the strong tailwinds and exceptional product leadership and value proposition, it would not be surprising to see this as a must-have stock with fund managers.
Currently, among our hand-picked 300+ top leading fund managers, together they own less than 2% of the total float of over 30 mill. shares. The buyers include Citadel Advisors (click link to view latest full summarized 13-F), headed by billionaire fund manager Kenneth Griffin, with 0.33 mill. shares; independent investment management company Invesco with 0.11 mill. shares; San Francisco-based Technology focused hedge fund Crosslink Capital with 10,000 shares; and diversified financial services firm Ameriprise with 5,222 shares.
As high as the valuation is, sometimes with technology leaders, the share price has more to do with supply and demand. With only 30 mill. outstanding shares, if fund managers feel compelled to own this emerging leader in the advanced cyber-security threat protection marketplace, then shares could go even higher.
The field could get even smaller, if larger technology rivals go on an acquisition spree acquiring other smaller security software players. Already, Cisco systems acquired Sourcefire in July of last year, and the talk on Wall St. is that other security players may be in the cross-hairs of leading tech players like Cisco, HP and IBM that maybe looking to stay competitive in the marketplace.
These include network security infrastructure products provider Palo Alto Networks (PANW), that is trading at 9-10x TTM sales and 130x next year's earnings; Fortinet Inc. (FTNT), a developer of unified threat management systems, that is trading at 5-6x TTM sales and 35x next year's earnings; Proofpoint Inc. (PFPT), a provider of a suite of on-demand security-as-a-service software enabling organizations to protect and archive data, that is trading at 9-10x TTM sales and is projected to generate losses next year; and Impreva Inc. (IMPV), a developer of data security solutions, that is trading at 9-10x TTM sales and at 400x next year's earnings. The shares of all four security software peers have traded up since the FireEye acquisition announcement was made last Thursday, partly in anticipation of similar take-out deals for their shares.
Despite our optimism about the deal, and the prospects for share prices going forward, we would not buy it here after the strong appreciation in the last two days, as the risks of a serious technical pullback are high after such a strong rally. As of today, Tuesday afternoon, shares are higher but the rally now is being carried on lower volume, dropping from 9.76 mill. shares on Friday to 3.55 mill. shares on Monday and only 0.98 mill. shares by mid-day today. While stocks will follow fundamentals long-term, which leads us to be optimistic long-term on the stock, the current pace of price increase is not sustainable, and the technical (price-volume) action is making it look increasingly vulnerable to a serious technical pullback in the coming days and weeks. We would take advantage of any such pullback, especially into the low-$50's, and buy more if it dips below $50. I would conjecture many funds will too, as they like most rational investors are unwilling to chase shares higher after such a strong rally, waiting instead for the current momentum to fade and shares to start consolidating their recent gains.
Long-term investors, and many others unable or unwilling to time the markets, especially knowing that doing so runs the risk of missing a big move, may want to buy some shares here, and buy more if it dips into the $50 range or lower. The company is well-positioned to be a leader in the advanced cyber-security threat protection space, taking market-share away over time from established leaders due to its product strength, and is the kind of stock you want to buy for the long-term.
Additional disclosure: Use of GuruFundPicks’ research is at your own risk. You should do your own research and due diligence before making any investment decision with respect to securities covered herein. You should assume that as of the publication date of any report or letter, GuruFundPicks, LLC, has a position in all stocks (and/or options of the stock) covered herein that is consistent with the position set forth in our research report. Following publication of any report or letter, GuruFundPicks intends to continue transacting in the securities covered herein, and we may be long, short, or neutral at any time hereafter regardless of our initial recommendation. To the best of our knowledge and belief, all information contained herein is accurate and reliable, and has been obtained from public sources we believe to be accurate and reliable, and not from company or persons who have a relationship with company insiders.