The cybersecurity software and services company, FireEye (MNDT), has been going through a significant transition. The company saw slowing growth in 2015, and the stock has plunged over 70% since then while the market has continued to march upward in the positive direction.

^SPXTR Chart

^SPXTR data by YCharts

The company promoted Kevin Mandia to CEO in June 2016, and he quickly put a comprehensive transition plan in place, which included an overhaul of the company's core products into one integrated product delivered via the cloud. This new product, Helix, was highlighted in this quarter's earnings review with a full explanation of the product, the benefits and features it brings to customers, and evidence that it's winning with customers. Read on for the details of this important product in FireEye's quest to become a growth company again.

Guy in shirt and jacket pressing on symbol of a lock on what looks to be a clear computer screen. The lock is connected to a network of PCs, clouds, servers, email, and people.

Image Source: Getty Images

What is Helix?

Grady Summers, FireEye's chief technology officer and executive vice president, introduced the new Helix product in the most recent earnings call.

...I'm pleased we delivered on the 3 product related transitions that Kevin set out a year ago. First, we now have 1 unified platform that unites all of our spoke products into an API-driven single interface.

The additional product related transitions that Summers refers to are:

  • From an APT, or advanced threat solution, company to comprehensive prevention
  • From on premise appliances to more cloud and hybrid solutions

In order to understand what those transitions mean, you need to understand a little about the history of FireEye. The company started as a hardware product company that would put a FireEye configured server into the customer's network in order to deliver it's protective services. Since the company started, it has been acquisitive and purchased a number of companies with specific security solutions including threat intelligence, enterprise forensics, and security consulting. All of these companies had individual separate products. Now with Helix, these products have finally been integrated into one comprehensive solution in the cloud.

In addition to providing one comprehensive product for its customers, there are some key features that make Helix a desirable upgrade.

Helix makes managing cybersecurity easier

As part of the development process for Helix, FireEye spent a considerable amount of time studying the work of a security analyst. When a security breach is found, it becomes "hectic, lots of research and emails, lots of different interfaces, lots of googling for answers." The company found that up to 80% of this effort can be automated (see graphic below). Helix puts all of the relevant intelligence and threat information for the analyst in one place to make them more effective.

Slide of the security analysts dilemma. A stop watch picture with 40% Enrich & validate, 36% ticket & report, 8% notify & escalate, 11% respond, and 5% hunt.

Image Source: FireEye 2nd quarter earnings presentation.

Helix improved its endpoint (where the user accesses the network) coverage to including Mac, Linux, and Windows with cloud, virtual, or physical appliances. The product integrates customer's third party antivirus or other software messages into the Helix dashboard so the security analyst has all of the relevant information available, even if it's not from FireEye. Threat case management was enhanced based on customer feedback. Additionally, the company has a series of upgrades planned for the remainder of the year and into 2018.

While all this sounds like great product improvements, I was wondering if this product would win customers, and turns out it is doing just that.

Customers are buying Helix (and more)

Helix was released the last day of the first quarter, and the company recognized revenue from five sales on the launch day. Since then, an additional 10 customers purchased the full Helix bundle. While that doesn't seem like much, FireEye noted that for every dollar of revenue from a Helix system, the company also sold a two dollars of additional product and subscription revenue. The Helix solution is completely cloud based and paid for via a subscription model, which is a win-win for FireEye and its customers. For customers, the product is easier to implement and maintain. One new Helix customer reported they realized a 25% reduction of the total cost of ownership moving from their previous cybersecurity solution. For FireEye, it receives a highly reliable revenue stream, which makes it easier to predict revenues, and as a result manage costs.

The company indicated that 50% of the Helix sales were from international customers, which is higher than the average 33% for the remainder of the FireEye's revenue. The sales force is not completely up to speed on the new product yet, so future quarters could see an acceleration of Helix adoption as customers learn more about the significant benefits and the enhancement pipeline of this product.

Kevin Mandia, FireEye's CEO, summed up the Helix product in his opening remarks from the second quarter call.

With the launch of the Helix platform in the last day of Q1, we began delivering the technology organizations' need to build their next-generation security operations... [It is] a single platform that blends our technology, our intelligence and our expertise so FireEye is a seamless on-demand extension of our customer security team.

This new product is an important first step for FireEye's return to growth. Investors should be pleased that the company has delivered a comprehensive product that is winning with customers, but also keep an eye on the continued adoption of the Helix platform going forward.