Mandiant has announced two new, first-of-their-kind SaaS offerings – Active Breach & Intel Monitoring and Ransomware Defense Validation. The new products bolster the multi-vendor Extended Detection and Response (XDR) capabilities of the Mandiant Advantage platform by accelerating operational use of Mandiant’s leading up-to-the-minute threat intelligence and validating whether an organization’s security controls could alert, contain, or block prevalent ransomware attacks. These offerings are designed with organizations of all sizes in mind to improve their security effectiveness and confidence in their readiness to defend against cyber attacks. The two new offerings are expected to be generally available in January 2022.
Threat actors have continued to become more sophisticated – especially during the COVID-19 pandemic – and are targeting organizations of all sizes and industries. As organizations invest in talent and technology to stop these potential threats, they require solutions that quickly identify targeted attacks and gaps in security informed by up-to-date, relevant threat intelligence.
To address the growing need of organizations to protect themselves against cyber attacks, Mandiant is launching Active Breach & Intel Monitoring and Ransomware Defense Validation. Leveraging the most accurate and relevant threat intelligence, these SaaS-based solutions allow organizations to detect the presence of active Indicators of Compromise (IOCs) in their environment and test their readiness to withstand the latest ransomware attacks.
Active Breach & Intel Monitoring
Active Breach & Intel Monitoring, powered by insights gained from Mandiant’s global incident response engagements and comprehensive threat intelligence research, is designed to identify the presence of relevant Indicators of Compromise (IOCs) within organizations’ IT environments based on the latest information from real, active breach investigations performed worldwide. With this data, Active Breach & Intel Monitoring module searches customers’ data for IOC matches from the present to the previous 30+ days.
As a SaaS-based solution, Mandiant Active Breach & Intel Monitoring is easy to deploy and immediately begins detecting and prioritizing IOC matches. To help security teams and leaders focus on the highest priority alerts, the solution goes beyond simple matching, by analyzing and evaluating IOCs with a data science-based score and numerous contextual factors, such as direction of travel and indicator type. Security teams can then more efficiently address and respond to threat alerts.
With Active Breach & Intel Monitoring, security teams of all sizes can rapidly identify potential attacks that match IOCs for cyber attacks and reduce threat actor dwell time to reduce the impact of targeted attacks.
Ransomware Defense Validation
Ransomware Defense Validation tests organizations’ critical security controls against prevalent ransomware and informs security teams of capabilities that require immediate attention.
“Organizations of all sizes are struggling to answer basic questions as ransomware attacks are on the rise and they’re working to determine if they’re prepared or have been breached,” said Chris Key, Chief Product Officer, Mandiant. “With Ransomware Defense Validation, we are providing a solution that will arm organizations with the tools and Mandiant’s knowledge to measure and improve ransomware preparedness like never before. Organizations no matter their size can within hours test their defenses against ransomware attacks utilizing current and relevant threat intelligence.”
Powered by Mandiant frontline threat intelligence on active ransomware attackers and their tactics, techniques, and procedures (TTPs), Ransomware Defense Validation tests an organization’s critical security controls and identifies changes required to be made to their defenses to block or contain modern and prevalent known ransomware attacks.
With Ransomware Defense Validation, security teams have 24×7 access to reports with quantitative data and readouts from Mandiant experts to inform key stakeholders of the organization’s state of readiness against the threat of ransomware.
Together, Ransomware Defense Validation and Active Breach & Intel Monitoring prepare organizations of all sizes to defend against the most sophisticated threats of today.