Unfortunately, cyber crime doesn't appear to be going anywhere. High-profile hacks have become almost regular occurrences, with crooks taking advantage of vulnerabilities in networks to infiltrate corporate servers, steal credit card data, and leak confidential documents.
FireEye (MNDT) is a company that may be able to do something about it, and its investors could stand to benefit.
The stock has given shareholders a rough and often volatile ride, but it's up modestly from its IPO in the fall of 2013. Is FireEye a solid cybersecurity investment, or should investors stay away?
Below are three facts about FireEye that shareholders, or prospective shareholders, should be aware of.
It's offering a new form of cyber security
FireEye's business is particularly interesting because its service differs quite substantially from standard anti-malware solutions.
Traditional forms of cyber security rely on a technique of threat detection known as a signature-based approach. If you've ever run a virus scan on your PC, these methods are based on this approach. Malware and exploits are discovered and coded into a database, which is then compared with the software running on a given machine. Anything found that matches the known malware in the database is flagged, quarantined, or deleted.
This form of detection is highly effective against known threats, but completely ineffective when facing unknowns. The phrase "zero-day attack" refers to this issue: Zero-day attacks make use of vulnerabilities or exploits that have not yet been discovered by software companies or security companies (programmers have had exactly zero days to find a solution).
FireEye's business exists as a possible answer to the problem posed by zero-day attacks. Rather than rely on a signature-based approach, FireEye takes a more active stance, using virtual machines to observe potentially malicious software in action, learning about it in real-time.
The best example of FireEye's technologies comes from the much publicized 2013 Target credit card hack. Although the hackers managed to steal millions of credit card numbers from Target's servers, FireEye's software was able to detect the exploit ahead of time (Target's headquarters, according to Bloomberg, simply ignored FireEye's warnings).
It isn't profitable
But regardless of the promise FireEye may hold, the company isn't profitable -- and it doesn't expect to be anytime soon ("we do not expect to be profitable for the foreseeable future," it writes in its most recent annual filing).
FireEye is certainly generating revenue, but it's burning cash quickly. Last year, in brought in $425.7 million, but lost about $479 million.
The crux of FireEye's losses are coming from its enormous operating expenses. In particular, its R&D and marketing budgets have soared in recent years. Last year, FireEye spent just over $200 million on R&D, up from $66 million in 2013, and over $400 million on sales and marketing, up from $167 million last year.
None of this is necessarily a bad thing. Indeed, FireEye expects to continue spending aggressively on sales and marketing as a way to entice customers in other geographic markets to buy its products. Still, anyone considering FireEye should be aware that it's still in the hyper-growth phase -- it's far from a value play.
It's growing rapidly
But that growth is certainly there. Last year, FireEye's revenue rose a staggering 163% on an annual basis, up from 94% growth in the prior year. For 2015, FireEye expects to post revenue of around $605 million to $625 million, which would represent annual growth of around 42%-46%.
FireEye's CEO, Dave DeWalt, told Forbes last year that he didn't think there was "any limit" to FireEye's opportunity, and that he expects to continue adding employees at a rapid rate.
