Mandiant: Support SOC teams in detecting attacks


Mandiant expands its SaaS offering. The two new products Active Breach & Intel Monitoring and Ransomware Defense Validation complement the manufacturer-independent Extended Detection and Response (XDR) capabilities of the Mandiant Advantage platform.

They accelerate the operational use of the up-to-the-minute threat intelligence from Mandiant and check whether a company's security mechanisms can detect, contain and block common ransomware attacks. The offers for companies of all sizes improve the effectiveness of the security measures and the confidence in being able to ward off cyber attacks. The two new offers are expected to hit the market in January 2022.

Detect targeted attacks and security gaps

Hacker groups have become increasingly sophisticated, especially during the COVID-19 pandemic. They target companies of all sizes and industries. As companies invest in people and technology to stop these potential threats, they need solutions that can quickly identify targeted attacks and vulnerabilities based on up-to-date, relevant threat intelligence.

To meet the growing security needs of companies, Mandiant brings Active Breach & Intel Monitoring and Ransomware Defense Validation to the market. The SaaS-based solutions use the most accurate and relevant threat intelligence and enable companies to see whether there are active indicators of compromise (IOCs) in their IT environment. At the same time, they can check how well they are prepared to defend themselves against the latest ransomware attacks.

Active Breach & Intel Monitoring

Active Breach & Intel Monitoring is based on the findings from Mandiant's global incident response activities and extensive threat intelligence research. It is designed to identify relevant indicators of compromise (IOCs) in corporate IT environments. For this purpose, the latest information from real, worldwide investigations of security incidents is used. With this data, the Active Breach & Intel Monitoring module searches the customer's data for IOC matches over the last 30+ days.

As a SaaS-based solution, Mandiant Active Breach & Intel Monitoring is easy to implement and immediately starts identifying and prioritizing IOC matches. So that security teams and executives can focus on the highest-priority alerts, the solution goes beyond simple matching. It analyzes and rates the IOCs using a data-science-based score and numerous contextual factors such as the direction of movement and the type of indicator. This enables security teams to respond to threat alerts more efficiently.

With Active Breach & Intel Monitoring, security teams of all sizes can quickly identify potential attacks that match IOCs of cyberattacks and reduce the length of time hacking groups spend in the environment. This can help reduce the effects of targeted attacks.

Ransomware Defense Validation

Active Breach & Intel Monitoring enables threat intelligence analysis and relieves SOC teams (Image: Mandiant).

Ransomware Defense Validation tests a company's most important security mechanisms against common ransomware and informs the security teams about functions that require immediate attention.

"With the rise in ransomware attacks, organizations of all sizes are grappling with fundamental questions and trying to figure out if they are prepared or if there is a vulnerability," said Chris Key, chief product officer at Mandiant. "With Ransomware Defense Validation, we offer a solution that equips companies with the tools and knowledge of Mandiant to test and improve their defense capabilities. Companies can use up-to-date and relevant threat intelligence to test their defenses against ransomware attacks within a few hours."

Test of the security mechanisms of a company

On the basis of Mandiant threat intelligence on active ransomware attackers and their tactics, techniques and procedures (TTPs), Ransomware Defense Validation tests the relevant security mechanisms of a company. The solution determines which changes must be made to the defenses in order to block or contain modern and widespread ransomware attacks. With Ransomware Defense Validation, security teams have 24/7 access to reports with quantitative data and information from Mandiant experts. This enables the most important stakeholders to be informed about the defenses against ransomware threats.

More at Mandiant.com

 


About Mandiant

Mandiant is a recognized leader in dynamic cyber defense, threat intelligence and incident response. With decades of experience on the cyber frontline, Mandiant helps organizations confidently and proactively defend against cyber threats and respond to attacks. Mandiant is now part of Google Cloud.


 
