Mandiant has announced two new, first-of-their-kind SaaS offerings – Active Breach & Intel Monitoring and Ransomware Defense Validation. The new products bolster the multi-vendor Extended Detection and Response (XDR) capabilities of the Mandiant Advantage platform by accelerating operational use of Mandiant’s leading up-to-the-minute threat intelligence and validating whether an organization’s security controls could alert, contain, or block prevalent ransomware attacks. These offerings are designed with organizations of all sizes in mind to improve their security effectiveness and confidence in their readiness to defend against cyber attacks. The two new offerings are expected to be generally available in January 2022.
To address the growing need of organizations to protect themselves against cyberattacks, Mandiant is launching Active Breach & Intel Monitoring and Ransomware Defense Validation. Leveraging the most accurate and relevant threat intelligence, these SaaS-based solutions allow organizations to detect the presence of active Indicators of Compromise (IOCs) in their environment and test their readiness to withstand the latest ransomware attacks.
Active Breach & Intel Monitoring
Active Breach & Intel Monitoring, powered by insights gained from Mandiant’s global incident response engagements and comprehensive threat intelligence research, is designed to identify the presence of relevant Indicators of Compromise (IOCs) within organizations’ IT environments based on the latest information from real, active breach investigations performed worldwide. With this data, Active Breach & Intel Monitoring module searches customers’ data for IOC matches from the present to the previous 30+ days.
As a SaaS-based solution, Mandiant Active Breach & Intel Monitoring is easy to deploy and immediately begins detecting and prioritizing IOC matches. To help security teams and leaders focus on the highest priority alerts, the solution goes beyond simple matching, by analyzing and evaluating IOCs with a data science-based score and numerous contextual factors, such as direction of travel and indicator type. Security teams can then more efficiently address and respond to threat alerts.
With Active Breach & Intel Monitoring, security teams of all sizes can rapidly identify potential attacks that match IOCs for cyber attacks and reduce threat actor dwell time to reduce the impact of targeted attacks.
Ransomware Defense Validation
Ransomware Defense Validation tests organizations’ critical security controls against prevalent ransomware and informs security teams of capabilities that require immediate attention.
Powered by Mandiant frontline threat intelligence on active ransomware attackers and their tactics, techniques, and procedures (TTPs), Ransomware Defense Validation tests an organization’s critical security controls and identifies changes required to be made to their defences to block or contain modern and prevalent known ransomware attacks.
With Ransomware Defense Validation, security teams have 24×7 access to reports with quantitative data and readouts from Mandiant experts to inform key stakeholders of the organization’s state of readiness against the threat of ransomware.
Together, Ransomware Defense Validation and Active Breach & Intel Monitoring prepare organizations of all sizes to defend against the most sophisticated threats of today.
