Stay on Top of Emerging Technology Trends Get updates impacting your industry from our GigaOm Research Community

In the spy vs. spy scenarios sparked by NSA-gate and increasing evidence that everyone — not just the NSA — is spying on everyone else, it makes perfect sense that FireEye (s feye) is buying Mandiant for a cool $1 billion. Mandiant a specialist in cyber threat forensics and endpoint detection, came to prominence last year for its starring role in a New York Times report that linked a Shanghai-based unit of the Chinese People’s Liberation army to cyber attacks on U.S.-based tech companies.

According to a press release, the deal brings together the two companies’ respective expertise in “real-time threat detection, contextual threat intelligence and rapid incident response.”

FireEye, an expert in persistent threat detection, and Mandiant had already been working together for a year, and now they’re formalizing that collaboration to offer a range of cybersecurity detection, prevention, containment and remediation. Mandiant also brings its expertise in end-point security and will speed FireEye’s entry into the broader intrusion protection services market, said Nomura Securities analyst Rick Sherlund in a research note. He said the combination of companies greatly expand the total addressable market for FireEye from about $11 billion to $30 billion.

Milpitas,Calif.-based FireEye filed for an IPO in August, but apparently opted for another exit strategy. The two companies employ almost 2,000 people and claim more than $100 million in sales, FireEye CEO Dave DeWalt told the San Jose Mercury News. Mandiant founder and CEO Kevin Mandia is now SVP, COO and a director of FireEye, based in Alexandria, Virg.

The market apparently loves this acquisition, announced late on Thurday. On Friday morning FireEye shares were trading up about 25 percent to $51.67.