Shares of cyber security company FireEye (FEYE) jumped on Thursday as Goldman Sachs (GS) upgraded the stock from sell to buy, citing a faster-than-expected shift to recurring revenue and citing new details on the company's key Helix product. The news follows an upgrade from Bank of America Merrill Lynch (BAC) earlier in the week.
FireEye stock gained nearly 7.5% to $12.35 in mid-day trading on Thursday. While FireEye's projections that it will return to growth and profitability later this year have met with some skepticism, the upgrades may indicate that Wall Street is giving the message more credence. The U.S. government's recent indictments of Russian officials and hackers for attacks on Yahoo! (YHOO) may provide a reminder of the increasing geopolitical stakes in cyber crime.
CEO Kevin Mandia has said that Wall Street has been slow to recognize the improvements that the company has made, including FireEye's expansion from fending off sophisticated attacks into a broader array of security services. "That's about a tenth of what we're building here," he said in an interview before the upgrades, referring to its previous focus.
The company likens its signature Helix portal product to a Bloomberg terminal for cyber security that can process data and alerts from FireEye's systems. Helix can also incorporate alerts and data from other security companies's applications that a client has in the same way that software by Oracle (ORCL) might be able to draw on data in applications by another developer.
Helix also includes adds reports on cyber data from staffers of Isight, which FireEye acquired last year. The company also bought software developer Invotas last year to automate responses to attacks. And a web chat function will allow clients to tap the knowledge of its forensic experts and others.
"When someone thinks they've been breached, the first question the CEO has is what is the worst case scenario?" Mandia said. Helix would allow a client to track an IP address and get data and intelligence about the attackers. For example, Mandia said, they could say "It's North Korea, they just broke into your network. Here's what they normally do."