McAfee Corp. (/ˈmækəfiː/MAK-ə-fee),[4][5] formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American global computer security software company headquartered in San Jose, California.
The company was purchased by Intel in February 2011,[6][7][8] and became part of the Intel Security division. In 2017, Intel had a strategic deal with TPG Capital and converted Intel Security into a joint venture between both companies called McAfee.[9][10]Thoma Bravo took a minority stake in the new company, and Intel retained a 49% stake.[11][12] The owners took McAfee public on the NASDAQ in 2020, and in 2022 an investor group led by Advent International Corporation took it private again.[13]
History
1987–1999
The company was founded in 1987 as McAfee Associates, named for its founder John McAfee, who resigned from the company in 1994.[14] McAfee was incorporated in the state of Delaware in 1992. In 1993, McAfee stepped down as head of the company, taking the position of chief technology officer before his eventual resignation. Bill Larson was appointed CEO in his place. Network Associates was formed in 1997 as a merger of McAfee Associates, Network General, PGP Corporation and Helix Software.
The FSA team also oversaw the creation of a number of other technologies that were leading edge at the time, including firewall, file encryption, and public key infrastructure product lines. While those product lines had their own individual successes including PowerBroker (written by Dean Huxley and Dan Freedman and now sold by BeyondTrust), the growth of antivirus ware always outpaced the growth of the other security product lines. It is fair to say that McAfee remains best known for its anti-virus and anti-spam products.
Among other companies bought and sold by McAfee is Trusted Information Systems, which developed the Firewall Toolkit, the free software foundation for the commercial Gauntlet Firewall, which was later sold to Secure Computing Corporation. McAfee acquired Trusted Information Systems under the banner of Network Associates in 1998.
McAfee, as a result of brief ownership of TIS Labs/NAI Labs/Network Associates Laboratories/McAfee Research, was highly influential in the world of open-source software, as that organization produced portions of the Linux, FreeBSD, and Darwin operating systems, and developed portions of the BIND name server software and SNMP version 3.[citation needed]
2000–2009
In 2000, McAfee/Network Associates was the leading authority in educating and protecting people against the Love Bug or ILOVEYOU virus, one of the most destructive computer viruses in history.[15]
At the end of 2000, CEO Bill Larson, President Peter Watkins, and CFO Prabhat Goyal all resigned after the company sustained losses.[16] Company president Gene Hodges served as interim CEO before George Samenuk was appointed CEO in 2001.[17][18]
The company returned to its original name in July 2004.[19] It restructured, beginning with the sale of its Magic Solutions business to Remedy, a subsidiary of BMC Software early in the year.[20] In mid-2004, the company sold the Sniffer Technologies business to a venture capital backed firm named Network General (the same name as the original owner of Sniffer Technologies), and changed its name back to McAfee to reflect its focus on security-related technologies.[21]
In 2006, Dale Fuller became interim CEO when Samenuk resigned and President Kevin Weiss was fired after the company was accused of questionable stock options practices.[22] David DeWalt took over as CEO on April 2, 2007.[23]
In 2007, McAfee launched the Security Innovation Alliance (SIA), a program focused on cultivating partnerships with other tech companies and integrating third-party technology with McAfee’s security and compliance risk management technology.[24] On March 11, 2008, McAfee announced a license agreement with the US Department of Defense. This agreement allowed the DoD to integrate McAfee’s Virus Scan Enterprise and Anti-Spyware Enterprise into the Defense Information Systems Agency’s cyber-security solutions.[25]
2010–present
On April 21, 2010 McAfee sent out a bad anti-virus update (DAT 5958) that crippled millions of corporate and consumer Windows-based computers.
On August 19, 2010, Intel announced that it would purchase McAfee for $48 a share in a deal valued at $7.68 billion.[26][27] In September 2016, Intel announced their strategic partnership with TPG to turn McAfee into an independent cyber-security company as a joint venture. That deal closed on April 3, 2017.[28]
CEO David DeWalt resigned in 2011, and McAfee appointed Michael DeCesare and Todd Gebhart as co-presidents.[29] In 2011, McAfee also partnered with SAIC to develop anti-cyber espionage products for use by government and intelligence agencies, along with telecommunications companies.[30]
On January 6, 2014, Intel CEO Brian Krzanich announced during the Consumer Electronics Show the name change from McAfee Security to Intel Security. The company's red shield logo would remain, with the firm continuing to operate as a wholly owned Intel subsidiary.[31] John McAfee, who no longer had any involvement in the company, expressed his pleasure at his name no longer being associated with the software. However, as of 2016 the products still bore the McAfee name.
On September 7, 2016, Intel sold its majority stake to TPG and entered into an agreement with TPG to turn Intel Security into a jointly-owned, independent cyber-security company with the McAfee name.[32]
After the deal between the two companies closed, the company was spun back out of Intel on April 4, 2017."[33] Chris Young assumed the CEO position as the company became an independent entity.[34]
In 2018, the company unsuccessfully entered talks to sell majority control of McAfee to minority stakeholder Thoma Bravo.[35] In 2018, McAfee also expanded its Security Innovation Alliance partnerships to include companies such as Atos, CyberX, Fidelis Cyber-security, Aujas, and Silver Peak.[36]
In July 2019, McAfee began meeting with bankers to discuss returning to the market as an IPO.[37] As an IPO, the company was estimated to be valued at $8 billion or higher. However, no deal or decision to join the public market was confirmed.[38]
Near the end of 2019, McAfee partnered with Google Cloud to integrate McAfee’s Mvision Cloud and endpoint security technology with Google’s cloud infrastructure.[39]
In October 2020, McAfee and its shareholders raised $740 million in the initial public offering and valued at about $8.6 billion based on the outstanding shares listed in its prospectus. McAfee shares were traded on the NASDAQ stock exchange under ticker symbol MCFE, marked its return to the public market after 9 years.[40] In 2020, former McAfee CEO Chris Young left his position and was replaced by Peter Leav.[41] However, the stock was delisted from NASDAQ and the company was taken private again in March 2022 by a multi-national investor group under the Advent International Corporation, consisting of the Canada Pension Plan, the Singaporean GIC Private Limited, and the Abu Dhabi Investment Authority.[42]
In May 2022, Peter Leav stepped down and McAfee named Greg Johnson its new CEO.[43]
On June 9, 1998, Network Associates agreed to acquire Dr Solomon's Group plc, the leading European manufacturer of antivirus software, for $642 million in stock.[61][62]
IntruVert Networks
On April 2, 2003, McAfee acquired IntruVert Networks for $100 million. According to Network World, "IntruVert's technology focus is on intrusion-prevention, which entails not just detecting attacks, but blocking them. The IntruVert product line can be used as a passive intrusion-detection system, just watching and reporting, or it can be used in the intrusion-prevention mode of blocking a perceived attack."[63]
Foundstone
In August 2004, McAfee agreed to acquire Foundstone, a vendor of security consulting, training, and vulnerability management software, for $86 million.[64]
SiteAdvisor
On April 5, 2006, McAfee bought out SiteAdvisor for a reputed $70 million[65] in competition with Symantec, a service that warns users if downloading software or filling out forms on a site may obtain malware or spam.
Preventsys
On June 6, 2006, McAfee announced that it would acquire Preventsys, a California-based company offering security risk management products. The acquisition cost McAfee under $10 million.[66]
Onigma Ltd
On October 16, 2006, McAfee announced that it would acquire Israel based Onigma Ltd for $20 million.[67] Onigma provides host-based data leakage protection software that prevents intentional and unintentional leakage of sensitive data by internal users.
SafeBoot Holding B.V.
On October 8, 2007, McAfee announced it would acquire SafeBoot Holding B.V. for $350 million.[68] SafeBoot provided mobile data security solutions that protected data, devices, and networks against the risk associated with loss, theft, and unauthorized access. Through the acquisition, McAfee became the only vendor to deliver endpoint, network, web, email and data security, as well as risk and compliance solutions. Gerhard Watzinger, CEO of SafeBoot, joined McAfee to lead the Data Protection product business unit.[69] The deal closed on November 19, 2007.
ScanAlert
On October 30, 2007, McAfee announced plans to acquire ScanAlert for $51 million. The acquisition integrated ScanAlert's Hacker Safe service and McAfee's SiteAdvisor rating system to attack website security from both sides.[70] It was the industry's first service to help consumers stay safe as they searched, surfed and shopped. The deal closed on February 7, 2008.[71]
Reconnex
On July 31, 2008, McAfee announced it would acquire Reconnex, a maker of data protection appliances and software. Reconnex sold data loss prevention software, designed to prevent sensitive documents and data from leaving corporate networks.[72] The acquisition added content awareness to McAfee's data security portfolio.[73] The $46 million deal closed on August 12, 2008.
Secure Computing
On September 22, 2008, McAfee announced an agreement to acquire Secure Computing, a company specializing in network security hardware, services, and software products. The acquisition expanded McAfee's business in securing networks and cloud computing services to offer a more comprehensive brand of products. The deal closed on November 19, 2008 at a price of $497 million.[74]
Endeavor
In January 2009, McAfee announced plans to acquire Endeavor Security, a privately held maker of IPS/IDS technology.[75] The deal closed in February 2009 for a total purchase price of $3.2 million.
Solidcore Systems
On May 15, 2009, McAfee announced its intention acquire Solidcore Systems, a privately held security company, for $33 million.[76] Solidcore was a maker of software that helped companies protect ATMs and other specialized computers. The acquisition integrated Solidcore's whitelisting and compliance enforcement mechanisms into the McAfee product line.[77] The deal closed on June 1, 2009.[78]
MX Logic
On July 30, 2009, McAfee announced plans to acquire managed email and web security vendor MX Logic. The acquisition provided an enhanced range of SaaS-based security services such as cloud-based intelligence, web security, email security, endpoint security and vulnerability assessment.[79] The deal closed on September 1, 2009 at a price of $140 million.[80] MX Logic staff were integrated into McAfee's SaaS business unit.
Trust Digital
On May 25, 2010, McAfee announced a definitive agreement to acquire Trust Digital, a privately held online security company that specialized in security for mobile devices. The acquisition allowed McAfee to extend its services beyond traditional endpoint security and move into the mobile security market.[81] The acquisition closed on June 3, 2010.[82] The price for Trust Digital was not disclosed.[83]
TenCube
On July 29, 2010, McAfee announced a definitive agreement to acquire tenCube, a privately held online security company that specialized in anti-theft and data security for mobile devices.[84] The acquisition allowed McAfee to complete its diversification into the mobile security space, and announce its plans to build the next generation mobile platform. The acquisition closed on August 25, 2010.
Sentrigo
On March 23, 2011, McAfee announced its intention to acquire privately owned Sentrigo,[85] a leading provider of database security, including vulnerability management, database activity monitoring, database audit, and virtual patching—which ensure databases are protected without impacting performance or availability. The acquisition enabled McAfee to extend its database security portfolio. The acquisition closed on April 6, 2011.[86][87]
NitroSecurity
On October 4, 2011, McAfee announced its intention to acquire privately owned NitroSecurity,[88] a developer of high-performance security information and event management (SIEM) solutions that protect critical information and infrastructure. NitroSecurity solutions reduce risk exposure and increase network and information availability by removing the scalability and performance limitations of security information management. The acquisition closed on November 30, 2011.[89]
ValidEdge
On February 26, 2013, McAfee announced it had acquired the ValidEdge sandboxing technology.[90]
Stonesoft
On July 8, 2013 McAfee completed the tender offer for Finnish network firewall design company Stonesoft Oyj worth $389 million in cash, or about $6.09 a share.[91] The Next Generation Firewall business acquired from Stonesoft was divested to Forcepoint in January 2016.[92][93]
PasswordBox
On December 1, 2014, Intel Security announced the acquisition of PasswordBox, a Montreal-based provider of digital identity management solutions. Financial terms were not disclosed.[94]
Skyhigh Networks
In November 2017, McAfee acquired Skyhigh Networks, a CASB security company.[95] The acquisition closed January 3, 2018.[96] In March 2021, Symphony Technology Group acquired McAfee Enterprise, including Skyhigh Networks. In January 2022, STG announced that McAfee Enterprise's security service edge (SSE) business would operate as a separate company to be known as Skyhigh Security, built on McAfee Enterprise and Skyhigh Networks.[97]
In August 2019, McAfee acquired NanoSec, a container security company.[100]
Controversies
Channel stuffing lawsuit
On January 4, 2006, the Securities and Exchange Commission filed suit against McAfee for overstating its 1998–2000 net revenue by US$622,000,000.[101] Without admitting any wrongdoing, McAfee simultaneously settled the complaint, and agreed to pay a $50 million penalty and rework its accounting practices.[102] The fine was for accounting fraud; known as channel stuffing that served to inflate their revenue to their investors.[102]
SEC investigation into share options
In October 2006, McAfee fired its president Kevin Weiss,[103] and its CEO George Samaneuk resigned under the cloud of a recent SEC investigation which also caused the departure of Kent Roberts, the General Counsel, earlier in the year. In late December 2006 both Weiss and Samaneuk had share option grant prices revised upwards by McAfee's board. Weiss and Roberts were both exonerated by an arbitrator of all wrongdoing from the claims of McAfee in 2009.[104][105][106]
DAT 5958 update
On April 21, 2010, beginning at approximately 14:00 UTC, millions of computers worldwide running Windows XP Service Pack 3 were affected by an erroneous virus definition file update by McAfee, resulting in the removal of a Windows system file (svchost.exe) on those machines as it was falsely detecting the file as w32/wecorl.a, causing machines to lose network access, sometimes enter a reboot loop and, in some cases bluescreen.[107] McAfee rectified this by removing and replacing the faulty DAT file, version 5958, with an emergency DAT file, version 5959 and has posted a fix for the affected machines in their consumer knowledge base.[108][109] The University of Michigan's medical school reported that 8,000 of its 25,000 computers crashed. Police in Lexington, Ky., resorted to hand-writing reports and turned off their patrol car terminals as a precaution. Some jails canceled visitation, and Rhode Island hospitals turned away non-trauma patients at emergency rooms and postponed some elective surgeries.[110] Australian supermarket Coles reported that 10% (1,100) of its point-of-sales terminals were affected and was forced to shut down stores in both western and southern parts of the country.[111] As a result of the outage, McAfee implemented additional QA protocols for any releases that directly impacted critical system files. The company also rolled out additional capabilities in Artemis that provide another level of protection against false positives by leveraging a whitelist of hands-off system files.[112]
DAT 6807-6808 update
In August 2012, an issue with an update to McAfee antivirus for home and enterprise computers turned off the antivirus protection and, in many cases, prevented connection to the Internet. McAfee was criticized for being slow to address the problem, forcing network operations to spend time diagnosing the issue.[113]
^Darwin, Trudy (November 30, 2018). "IN MEMORIAM". Bridgeworks. Archived from the original on October 5, 2024. Retrieved July 23, 2021.
^"Deals: McAfee To Acquire Foundstone". Technology Briefing. The New York Times. Bloomberg News. August 17, 2004. Archived from the original on October 5, 2024. Retrieved June 25, 2021.
^Computer Desktop Encyclopedia (1981–2018). "McAfee". TheFreeDictionary.com. Pennsylvania (US): The Computer Language Co. Inc. Archived from the original on May 7, 2018. Retrieved May 7, 2018.
^"McAfee, Inc.: Lit. Rel. No. 19520" (Press release). US Securities and Exchange Commission. January 4, 2006. Archived from the original on October 22, 2017. Retrieved September 4, 2017. While engaging in this "channel stuffing," McAfee improperly recorded the sales to distributors as revenue.