McAfee Enterprise
Enterprise cybersecurity vendor acquired by STG; merged with FireEye to form Trellix in 2022.
Last refreshed: 8 May 2026 · Appears in 1 active topic
How much McAfee Enterprise code is still inside Trellix and what was exposed?
Timeline for McAfee Enterprise
Trellix discloses 21-day-old breach of source-code repository
Cybersecurity: Threats and Defences- What happened to McAfee Enterprise?
- McAfee Enterprise was acquired by private equity firm STG in March 2021, then merged with FireEye in January 2022 to form Trellix. The consumer McAfee brand was sold to a separate consortium.
- Is McAfee Enterprise the same as Trellix?
- Trellix is the successor company formed from the merger of McAfee Enterprise and FireEye in January 2022. The McAfee Enterprise brand no longer exists; Trellix inherited its products, customer base, and codebase.
- How did McAfee Enterprise and FireEye become Trellix?
- Private equity firm Symphony Technology Group acquired McAfee Enterprise for $4 billion in March 2021 and FireEye's products business for $1.2 billion later that year. STG merged the two in January 2022 under the Trellix brand, creating a unified XDR vendor.Source: Symphony Technology Group
- Was McAfee Enterprise code stolen in the 2026 Trellix breach?
- Yes. RansomHouse accessed Trellix's source-code repository in April 2026. The Trellix codebase includes detection logic and signatures inherited from McAfee Enterprise, meaning legacy McAfee Enterprise code was part of the exposed material.Source: Trellix
- What cybersecurity products did McAfee Enterprise make?
- McAfee Enterprise produced endpoint protection, network security (including NGFW and IPS), data loss prevention, and security operations centre tooling. These products, now under the Trellix brand, serve large enterprise and government customers globally.
Background
McAfee Enterprise was the enterprise security division of McAfee LLC, acquired by private equity firm Symphony Technology Group (STG) in March 2021 for approximately $4 billion. McAfee Enterprise produced endpoint protection, network security, data loss prevention, and security operations centre (SOC) tooling used by governments and large enterprises globally, including UK public sector customers.
In January 2022, STG merged McAfee Enterprise with FireEye — another STG acquisition — to form Trellix, a unified extended detection and response (XDR) vendor. The McAfee Enterprise brand was retired at this point; Trellix inherited the combined product portfolio, customer base, and engineering teams. The consumer McAfee business (antivirus products) was sold separately to a different consortium and retained the McAfee name.
The brand's relevance to the Lowdown cyber-threats topic is its role as one of the two predecessors of Trellix, which suffered a source-code breach in April 2026. McAfee Enterprise's legacy code and detection signatures form part of the Trellix codebase that RansomHouse accessed.