
FireEye
Pioneering threat-intelligence firm founded by Ashar Aziz; merged into Trellix after 2021 STG acquisition.
Last refreshed: 8 May 2026 · Appears in 1 active topic
Does the Trellix breach mean FireEye's two decades of detection research is now in criminal hands?
Timeline for FireEye
Mentioned in: WebLogic flaw revived as ransomware vector
Cybersecurity: Threats and DefencesMentioned in: RansomHouse posts Trellix internal screenshots as extortion leverage
Cybersecurity: Threats and DefencesTrellix discloses 21-day-old breach of source-code repository
Cybersecurity: Threats and DefencesWhat happened to FireEye?
Is Mandiant the same as FireEye?
How was FireEye involved in the SolarWinds hack discovery?
Background
FireEye was founded in 2004 by Ashar Aziz, a former Sun Microsystems engineer, and grew into one of the most influential threat-intelligence and incident-response firms in cybersecurity. It went public on Nasdaq in 2013 and became globally recognised for high-profile nation-state attribution work, including the 2014 Sony Pictures hack (attributed to North Korea) and extensive reporting on Chinese APT groups. FireEye's Mandiant division, which ran major breach investigations including the 2020 SolarWinds compromise, became synonymous with forensic depth.
In 2021, private equity firm Symphony Technology Group (STG) acquired FireEye's products business for $1.2 billion, separating it from the Mandiant services division. Mandiant was subsequently sold to Google in 2022 for approximately $5.4 billion and now operates as Google Threat Intelligence Group. STG merged the FireEye products business with McAfee Enterprise in January 2022 to create Trellix.
FireEye's legacy is present in the Trellix codebase accessed by RansomHouse in April 2026. The detection logic, signature databases, and proprietary analytics that FireEye built over two decades form part of what was exposed.