Monday, September 23, 2013

Fireeye's Pakistani-American Founder Ashar Aziz Wins Big on IPO

NASDAQ IPO of Silicon Valley's cyber security firm Fire-eye has made its Pakistani-American founder Ashar Aziz worth $430 million at the market close on Friday, according an estimate by Forbes magazine.

The high-tech company priced its initial public offering of 15.2 million shares at $20 per share late Thursday, raising about $304 million after increasing its expected price range to $15 to $17 per share. Shares of FEYE were trading up by more than 100% during the day before closing up $16 or 80% to $36.00 on the Nasdaq Friday. FEYE closed up another 4% to $37.45 on Monday.

Aziz owns about 10.91 million shares in the Milipitas, Calif.-based security company; that 9.3% stake after the offering alone is now worth more than $392 million.

Fireeye Founder and CTO Ashar Aziz
FireEye, founded in 2004, has a virtualization engine which protects its customers' infrastructure from attacks that may come through the web and email. Its dynamic virtual cloud analyzes incoming data, providing real-time intelligence to its users.

FireEye is riding high on a wave of growing cyber security concerns amid increasing cyber attacks being reported almost daily from around the globe. FireEye's founder Ashar Aziz is among the top recognized experts in the field of Internet and computer security. With the $50 million round from top investors in January 2013, the company raised $100 million in venture money before going public. The venture funding came from investors including Sequoia Capital, Norwest Venture Partners, Goldman Sachs, Juniper Networks, Silicon Valley Bank, and others.  Several other security companies including Illumio, CipherCloud, Mocana  have recently significant sums of money from venture capital firms.

Here's a video of Ashar talking about  the effectiveness of his technology in blocking new and  previously unidentified attacks by not relying on signatures:

Interview with Ashar Aziz, CEO of FireEye from Richard Stiennon on Vimeo.

Related Links:

Haq's Musings

Two Pakistani-American Silicon Valley Techs Among Top 5 VC Deals

Pakistani-American's Game-Changing Vision 

Minorities Are Majority in Silicon Valley 

US Promoting Venture Capital & Private Equity in Pakistan

Pakistani-American Population Growth Second Fastest Among Asian-Americans

Edible Arrangements: Pakistani-American's Success Story

Pakistani-American Elected Mayor

Upwardly Mobile Pakistan

US Firms Adding Jobs Overseas 

Pakistan's Demographic Dividend

Pakistanis Study Abroad

Pakistan's Youth Bulge

Pakistani Diaspora World's 7th Largest

Pakistani-American NFL Team Owner

Pakistani-American Entrepreneurs Catch the Wave

Pakistani Graduation Rate Higher Than India's


S Qureshi said...

Great success story. Congrats to Ashar Aziz.

Suhail said...

Is Ashar is a mohajir or a Punjabi? With the ongoing discussion about the superior capabilities of one or other ethnicities of Pakistan, it will be in order to list say the top 50 Pakistani entrepreneurs in the Bay Area in terms of their ethnicity. This would provide data based information that may help reach a conclusion.

Moin said...

I think a list of just Pakistanis in hi tech companies above $100 million would be valuable without going into ethnicities or language. I think we should all work at a National level and not at a Provincial level. This narrow minded approach hurt us in 1947 and will hurt us again if we divide the Provinces.

Shams said...

I can't say if Ashar Aziz is Urdu speaking, but here are a couple of guys who certainly are as Urdu speaking as it gets. One, Mir Imran (, is way above Ashar Aziz's current financial ranking.

The second, Sikandar Naqvi (, is pretty high up there, would have been above, if his companies went through IPO today rather than 10 to 15 years ago.

Riaz Haq said...

Shams: "I can't say if Ashar Aziz is Urdu speaking, but here are a couple of guys who certainly are as Urdu speaking as it gets. One, Mir Imran (, is way above Ashar Aziz's current financial ranking."

I know Mir Imran and Sikandar Naqvi. They are both very good people.

In fact, Mir Imran is an extraordinary inventor of heath care devices.

Sikandar is from UET. He's the younger brother of Hassan Naqvi who was GM of NESPAK in Karachi in 1970s.

Mir Imran is Indian, not Pakistani.

Note: I think the reason Shams picked these two is because, in addition to being Urdu speaking, they are also both Shia....two most important qualifications to make Shams's list of "good guys".

Riaz Haq said...

Suhail: "Is Ashar is a mohajir or a Punjabi?"

It's irrelevant to me.

The fact is that there are many successful Pakistani-American entrepreneurs of many ethnicities.

Ashar was born in Karachi and grew up in Islamabad. He is a leader in security technology along with the likes of RSA founders Ron Rivest, Adi Shamir, and Len Adleman

As far as taking a company public with IPO is concerned, there may be many but I know of only two other Pakistani-American founders who have done so: Safi Qureshi (AST) and Raghib Husain (Cavium), both muhajirs from Karachi. Righib is an NED alum.

BTW, the richest Pakistani-American is self-made billionaire Shahid Khan from Lahore. He built his fortune by selling car bumpers and currently owns Jacksonville Jaguars as the only non-white NFL team owner.

Riaz Haq said...

Here's an Economist mag report comparing entrepreneurship in Europe and America:

standing before Germany’s newly minted entrepreneurs is a series of hurdles that have so far kept them from getting bigger and changing the world. The last German tech start-up to become a global star is SAP—founded in 1972. German firms, both the biggest ones and the much-lauded, family-owned Mittelstand, are innovative themselves. But founders dream of German Googles, and the government is keen to encourage them. The barriers are coming down. Unlike the Berlin Wall, however, they will not tumble quickly.

One problem is that popular attitudes towards entrepreneurship are lukewarm (see chart). Just under 50% of Germans polled by the Global Entrepreneurship Monitor (GEM) agreed that starting a business was an attractive idea. Compare that with attitudes in Germany’s neighbours: 65% in France, 68% in Poland and 79% in the Netherlands had positive views. Germans are no more begrudging of success than the others. The problem seems to be that few start-ups achieve it.

Lack of finance is a big reason. Small companies need angel investors and venture capital to survive and grow. But these sources of capital are puny in Germany. Deutsche Bank reckons that there are as many venture-capital investments in Germany as in America (11-12 per million inhabitants). But the average investment in Germany is just €780,000 ($1m), compared with €6m in America. Lars Hinrichs, founder of Xing, a social network for entrepreneurs (and a growing public company), says that a big reason is that successful entrepreneurs do not become investors themselves, as they do in Silicon Valley.

German venture capitalists are cautious. Rather than bet on many companies in the hope that one will grow explosively, they invest more selectively and expect a high proportion to break even within 18 months. Germany’s banks—the local savings banks and co-operatives that fund many traditional companies—are hesitant to lend to untested digital entrepreneurs.

Fear of failure is another dampener. It would deter 42% of Germans from starting a company, GEM’s polling finds. That is far behind Japan’s 53%, but well ahead of the 32% in the United States, where having flopped a few times is a point of pride. Mr Nohroudi says “there’s no one [in Germany] asking ‘what did you learn?’” Instead, when his first company was shuttered, friends urged him to go back to the comfortable university job he had held....

Anonymous said...

excluding the top 1% Germans lead materially better lives than the US not including other perks like relative job security,universal healthcare,free education and 8 weeks paid vacations!

IT entreprerership is one thing the conventiaonal entreprenershipis where mittlestand beats Americans hollow!

Riaz Haq said...

Pakistani-American Entrepreneur Ahmed Khattak revolutionizes #America's cell phone market, launches unlocked phones and MVNO service

Riaz Haq said...

Pakistani-American Entrepreneur Ahmed Khattak's GSM Nation revolutionizes America's cell phone market, launches unlocked phones and MVNO service

Riaz Haq said...

Here's Yahoo Finance news on Pakistani start-up Convo getting $5 million from US VC Morgenthaler Ventures:

SAN FRANCISCO, Sept. 16, 2013 /PRNewswire/ -- Convo, a cloud-based collaboration service, today announced a $5 million Series-A investment from Morgenthaler Ventures. This financing is the company's first investment by an institutional venture capital firm. The funding will be used to evolve its offerings, introduce their service on more platforms, and accelerate user reach and growth.

Convo is a multi-platform service designed to allow teams to share and work together simply and naturally by combining discussions with messaging, images, docs, presentations and PDFs.

Since 2012, Convo has seen exceptionally high levels of engagement in their paying accounts, with an average monthly-active over daily-active ratio of 75%, which is noticeably higher than even the 30% of most social games.

Convo is available across all major platforms and has launched versions of its software for Windows, Mac, Web, iPhone, and Android.

"We built our company with slim resources and a small team, and therefore are excited about our prospects with Morgenthaler Ventures in our corner. They have helped companies at our stage and with our enterprise focus grow exponentially," said Faizan Buzdar, founder and CEO of Convo. "Our immediate priority is to use the new infusion of capital to continue delivering a service that meets the ease-of-use, reliability, and security demands of our customers."

Said Rebecca Lynn, Partner at Morgenthaler Ventures, "We have been amazed at the level of engagement we have seen from Convo's early customers, including many global brands. These organizations won't settle for inconsistent, light-weight solutions. Multinational organizations have selected Convo after putting them through a battery of security tests. There are collaboration services you use to run chit chat, and there are those that run your company. Convo is relied on for the latter."

"Looking across our portfolio, there is a common trait amongst our entrepreneurs, one of extraordinary tenacity and vision, which Faizan has in spades," said Alex Nigg, Venture Partner, Morgenthaler Ventures. "Faizan started his business in Pakistan, moved it to San Francisco, and overcame considerable odds to attract a list of loyal customers from around the world."

About Convo

Convo ( is designed to help any group of people working together to achieve great things. Convo allows creative and innovative teams to easily have the real-time conversations needed to advance a cutting-edge campaign, launch a new product or break the latest news story. Convo, an interactive workspace, is made for people who thrive on the creative process and who want to "get there first." The company (formerly Scrybe) has recently reincorporated in the United States and is headquartered in San Francisco with an offshore office in Pakistan.

Kamal said...

It's been a while. Saw your name mentioned in Express Tribune, though I am sure many others would have told you about it by now. But I thought just in case, I should also reach out.

"One such name is Ashar Aziz, who recently won his cyber security firm, FireEye, an initial public offering (IPO) at Nasdaq stock exchange worth $304 million...Another proud Pakistani in the Silicon Valley is Riaz Haq, who was one of the six engineers who comprised the award winning Intel 80386 CPU design team. For his services to the computing industry, specifically the 80386 family of Intel processors, he was recognised as the Person of the Year by PC Magazine, apart from being on the faculty of Rutgers University and NED University and co-founding DynArray Corp."

Riaz Haq said...

Here's a WSJ PR release on Pakistani engineer Farhan Masood's SoloMetrics:

Mace(R) Security International, an established manufacturing brand known for its personal defense pepper sprays and security equipment, announced today a joint venture with SoloMetrics LLC, to provide safety technology inspired by the film "Minority Report."

The Steven Spielberg thriller, set in 2054, focuses on the role of protecting citizens by preventing crime. While watching the film, inventor Farhan Masood realized he could design the futuristic technology. And he went on to create a successful multi-national company called SoloMetrics.

Now SoloMetrics is partnering with Mace(R) brand to provide innovative technology and services that produce the next generation of safety and security products. The joint venture, named SoloMace, will significantly enhance the Mace(R) brand line of personal defense products and increase its range of law enforcement products.

"This partnership will create unprecedented opportunities in the area of security," said John J. McCann, president and CEO of Mace Security International.

SoloMetrics is a Chicago-based research and development company that invents and assembles technologies addressing gaps in security and access control, time and attendance, business process automation and location-based tracking systems.

Under the newly announced partnership, SoloMetrics will work alongside Mace Security International, its partners and customers to create integrated, automated and intelligent products and solutions. SoloMetrics will utilize its arsenal of patent pending hardware and software technologies including biometrics, complex pattern and gestures recognition, augmented reality and big data.

Mace(R) plans to launch SoloMace in the summer of 2014.

"This will transform what it means to protect yourself and engage law enforcement in new ways," McCann said.

Masood, an engineer whose work was recognized by the MIT Enterprise Forum in 2012, is known as the originator of the Arabic, Urdu and Persian languages on the Internet.

Carter Kennedy, interim CEO at SoloMetrics, said, "Our alliance with Mace(R) brings together technology and protection. It creates a security blanket for people who could be in threatening circumstances."

Mace(R) brand (OTCPINK: MACE) is a manufacturer and provider of personal defense, safety and electronic security products for home, school, business and law enforcement use. The company provides site assessment and integrated security strategies, ranging from pepper spray devices to electronic surveillance and rapid response rescue networks. Mace(R) brand has been a source of non-lethal solutions since 1970.

Riaz Haq said...

Fireeye acquires competitor Mandiant and its its value soars 38% by $1.7 billion, making its Pakistani-American founder Ashar Aziz a lot richer:

Two reports:

SEATTLE –Cybersecurity investments, which were red hot in 2013, are off to a big bang start this new year.

Network security vendor Fireeye, which helps companies detect and stop persistent attacks, has just announced it will acquire Mandiant, best known for its crack forensics investigations work.

The $1.05 billion deal unites two high-visibility companies in the vanguard of defending nation-state cyberespionage. FireEye CEO Dave DeWalt has long been a big admirer of Mandiant founder Kevin Mandia.

"They have these very strong Navy 'cyber' Seals who respond to breaches and are very good at what they do," DeWalt said about Mandiant in a Reuters interview. The two know each other well, as DeWalt, previously served as chairman of Mandiant's board.

DeWalt is best known for sprucing up antivirus McAfee for a $7.68 billion sale to Intel back in 2010. He then went to the sidelines, turning down dozens of CEO jobs before surfacing to take the reins at FireEye, which he took public last September.

Though FireEye continues to operate at a loss, sales grown has been consistent and its market valuation has been off the charts, hovering around $5 billion. DeWalt has declined to say when he expects the company to be profitable.

DeWalt is now using some of that Wall Street luster to acquire Mandiant by using a combination of stock and cash. FireEye issued 21.5 million shares and options, which were worth $939 million on Monday, when the stock closed at $43.69. It has in hand about 140 million shares outstanding.

Mandiant's shareholders, which include Mandia, and venture backers Kleiner Perkins Caufield & Byers, One Equity Partners and the private investment arm of JPMorgan Chase & Co., will also receive $106.5 million cash.

"FireEye is hot and they've done a very good job of showing people that it's important to deal with advanced threats, and the currency they're using to make this deal is their own market capitalization, which is smart," says Craig Carpenter, senior vice president of cybersecurity strategy at AccessData, a Mandiant rival.

Mandiant has had a knack for making headlines divulging revelations uncovered by its investigators who get paid top dollar to ferret out who's responsible for deep hacks at marquee companies. Last February, Mandiant generated heavy news coverage by publishing a detailed report about a Chinese military hacking group operating out of 12-story office towr in Shanghai responsible for breaching 115 companies and organizations in the U.S. since 2006.

"The reason for this deal is that we now live in a world of constant compromise," says Carpenter. "When you know you will be compromised, you can't just continue trying to keep the bad guys out, you also need to investigate every compromise, figure out what happened, prevent it from ever happening again and clean up the mess."

Reuters) - Shares of cybersecurity provider FireEye Inc rose as much as 35 percent on Friday after the company bought computer forensics specialist Mandiant Corp for $1 billion in a deal that underscores increasing consolidation in the red-hot sector.

The share spike added about $1.7 billion to FireEye's market value, which has more than doubled since the company went public in September.

"This deal speaks to our thesis around massive consolidation in the security landscape for 2014, with names such as Fortinet Inc and Proofpoint Inc as prime acquisition candidates ...," FBR Capital Markets analyst Daniel Ives wrote in a note.

Riaz Haq said...

SAN FRANCISCO — For more than a year, a group of cybercriminals has been pilfering email correspondence from more than 100 organizations — most of them publicly traded health care or pharmaceutical companies — apparently in pursuit of information significant enough to affect global financial markets.

The group’s activities, detailed in a report released Monday morning by FireEye, a Silicon Valley security company, shed light on a new breed of criminals intent on using their hacking skills to gain a market edge in the pharmaceutical industry, where news of clinical trials, regulatory decisions or safety or legal issues can significantly affect a company’s stock price.

Starting in mid-2013, FireEye began responding to the group’s intrusions at publicly traded companies — two-thirds of them, it said, in the health care and pharmaceutical sector — as well as advisory firms, such as investment banking offices or companies that provide legal or compliance services.

Continue reading the main story

The headquarters of JPMorgan Chase in New York.Hackers’ Attack Cracked 10 Companies in Major AssaultOCT. 3, 2014
Hackers targeted the phone system at Bob Foreman’s architecture firm in Georgia, making $166,000 in calls in a weekend.Phone Hackers Dial and Redial to Steal BillionsOCT. 19, 2014
The attackers, whom FireEye named “Fin4” because they are one of several groups that hack for financial gain, appear to be native English speakers, based in North America or Western Europe, who are well versed in the Wall Street vernacular. Their email lures are precisely tailored toward each victim, written in flawless English and carefully worded to sound as if they were sent by someone with an extensive background in investment banking and with knowledge of the terms those in the industry employ.

FireEye said it had notified the victims, as well as the Federal Bureau of Investigation, but did not know whether other organizations like the Securities and Exchange Commission were investigating.

Representatives of the F.B.I. and S.E.C. declined to comment on the case.

FireEye has aggressively marketed its security research and breach detection products since it went public last year.

Its Fin4 research was published the day after David G. Dewalt, FireEye’s chief executive, appeared in a “60 Minutes” report, lamenting the fact that companies do not detect their breaches sooner.

The company’s stock price — which surged to $100 a share last March — has since dropped to $30 a share in part because of a report that indicated one of FireEye’s intrusion detection products did not perform as well as others in a lab test.

On Monday, the same day FireEye released its Fin4 report, lawyers filed a class-action suit in the United States District Court for the Northern District of California on behalf of FireEye shareholders.

Riaz Haq said...

From CBS 60 Minutes on Fire-eye:

Target declined our request for an on-camera interview, but the breach of its security a year ago is a case study in how hackers operate. It started when criminals stole the username and password from one of Target's vendors -- a Pennsylvania heating and air conditioning company. The credentials got them into Target's network without attracting attention. Once inside they easily spread to thousands of checkout terminals in nearly every store. The hackers then installed malicious software, or malware, to record card swipes.
Dave DeWalt: The company invested a lot of money in security. It wasn't like they weren't trying to stop the bad guys. It's just the bad guys were really good, number one. Number two, they're very persistent.
A security system Target recently bought from Dave DeWalt's company, did detect the intrusion, and triggered alarms. But Target's older security systems were still in place, generating millions of alerts similar to these. Most were for minor technical glitches and the warnings from FireEye were lost in the noise.
Bill Whitaker: So alarms were going off?
Dave DeWalt: Alarms were going off. And when you get millions of alerts a day and there's one or two alerts that are the ones blinking red, "There's a problem. There's a problem." You can miss it and it's very hard to find the needle in the haystack. So Target's problem ultimately became, "I couldn't find the needle. I couldn't see the one alert that was bright red."
Last December 18, a week before Christmas, a cybersecurity blogger named Brian Krebs first reported the story publicly.
Brian Krebs: The breach lasted for a little more than three weeks. But they actually managed to hit Target at the busiest time of year for them.

Riaz Haq said...

New Delhi: A Pakistani cyber security firm, which has worked with the authorities in that country, has been found stealing information from the Indian government and defence establishments, a report by a US-based security firm FireEye (founded by Pakistani-American Ashar Aziz) said today.

The Pakistani cyber firm accessed computers of bureaucrats through malware and targeted Indian establishments using leased US hosting services, FireEye said.

"An Islamabad-based IT security firm called Tranchulas, which claims to have helped prepare the Pakistani government for cyber warfare, bombarded officials in Indian government organizations with emails containing malicious software, or malware," it said.

The report reveals that India remains a vulnerable target for cyber-attacks even after documents leaked by whistleblower Edward Snowden exposed widespread spying by US National Security Agency.

The firm used terms like 'Sarabjit Singh', 'Devyani Khoragade' and 'Salary hikes for government employees' in the subject line to lure officials into opening attachments containing the malware.

The malware, identified by FireEye, has been active since early 2013 with the name of a Tranchulas employee, Umair Aziz, in its code.

FireEye said that since "July 2013, different variants of the malware with modified names have surfaced. It is indicated that it was common for cyber attackers to use servers located in a different country to avoid detection".

Riaz Haq said...

FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today released "Behind the Syrian Conflict's Digital Front Lines," a report from the FireEye Threat Intelligence team detailing the activities of a cyber espionage group that stole Syrian opposition's strategies and battle plans. To undertake this operation, the threat group employed a familiar tactic: ensnaring its victims through conversations with seemingly sympathetic and attractive women. As the conversations progressed, the "women" would offer up a personal photo, laden with malware and developed to infiltrate the target's computer or Android phone.

"In the course of our threat research, we found the activity focused on the Syrian opposition that shows another innovative way threat groups have found to gain the advantage they seek," said Nart Villeneuve, senior threat intelligence researcher at FireEye. "While we cannot positively identify who is behind these attacks, we know that they used social media to infiltrate victims' machines and steal military information that would provide an advantage to President Assad's forces on the battlefield."

Between at least November 2013 and January 2014, the group stole a cache of critical documents and Skype conversations revealing the Syrian opposition's strategy, tactical battle plans, supply needs, and troves of personal information and chat sessions. This data belonged to the men fighting against Syrian President Bashar al-Assad's forces as well as media activists, humanitarian aid workers, and others within the opposition located in Syria, the region and beyond.

During analysis by FireEye Threat Intelligence, a unique tactic of the threat group was uncovered. Over the course of a Skype conversation the attacker would ask the victim what type of device he was using to chat. By determining whether it was an Android phone or a computer, the hackers would then send appropriately tailored malware.

FireEye Threat Intelligence has found limited indications about the threat group's origins, but if the data was acquired by President Assad's forces or allies, it would benefit his military efforts.

Riaz Haq said...

#Pakistani-#American Asher Aziz's cybersecurity firm #FireEye probing #Bangladesh bank heist of $100m. via @Reuters

Investigators suspect unknown hackers managed to install malware in the Bangladesh central bank's computer systems and watched, probably for weeks, how to go about withdrawing money from its U.S. account, two bank officials briefed on the matter said on Friday.

More than a month after hackers breached Bangladesh Bank's systems and attempted to steal nearly $1 billion from its account at the Federal Reserve Bank of New York, cyber security experts are trying to find out how the hackers got in.

FireEye Inc's Mandiant forensics division is helping investigate the cyber heist, which netted hackers more than $80 million before it was uncovered.

Investigators now suspect that malware that allowed hackers to learn how to withdraw the money could have been installed several weeks before the incident, which took place between Feb. 4 and Feb. 5, the officials said.

Investigators suspect the attack was sophisticated, describing the use of a "zero day" and referring to an "advanced persistent threat", the officials said.

A zero day is a vulnerability in software that has yet to be identified or patched. Hackers leverage this hole to plant malware on the target computer.

Advanced persistent threat is a long-term attack on a system, where hackers remain inside the target, for months, and sometimes even years.

So far investigators have not found any proof of involvement of the central bank staff in Bangladesh, one of the officials said, but added that the probe was continuing.

Unraveling the mystery behind one of the largest cyber heists in history is crucial for security in a connected world. Understanding how it happened could help banks shore up security of their computer systems and payment networks that form the backbone of global commerce.

Security experts say the perpetrators had deep knowledge of the Bangladeshi institution's internal workings, likely gained by spying on bank workers.

Bangladesh Bank officials have said hackers appeared to have stolen their credentials for the SWIFT messaging system, which banks around the world use for secure financial communication.

The Fed, which provides banking services to some 250 central banks and other institutions, has said its systems were not compromised.

The Bangladesh central bank had billions of dollars in its current account, which it used for international settlements, officials have said.

The money stolen from the Bangladesh central bank made its way to the other side of the world.

Some $80 million are believed to have ended in the Philippines, and further diverted to casinos and then to Hong Kong, according to bank officials.

One $20 million transaction was directed to a non-profit organization in Sri Lanka.

But the unusually large transaction for the island nation and a misspelling of the NGO's name raised red flags that helped bring the robbery to light. The transaction was blocked as was another huge payment instruction that was for between $850 million and $870 million.