Mandiant announces new solutions for leveraging threat intel


Mandiant, announced two new, SaaS offerings – Active Breach and Intel Monitoring and Ransomware Defense Validation. The new products bolster the multi-vendor Extended Detection and Response (XDR) capabilities of the Mandiant Advantage platform by accelerating operational use of Mandiant’s up-to-the-minute threat intelligence and validating whether an organisation’s security controls could alert, contain, or block prevalent ransomware attacks. These offerings are designed with organisations of all sizes in mind to improve their security effectiveness and confidence in their readiness to defend against cyber attacks. The two new offerings are expected to be generally available in January 2022.

Threat actors have continued to become more sophisticated – especially during the COVID-19 pandemic – and are targeting organisations of all sizes and industries. As organisations invest in talent and technology to stop these potential threats, they require solutions that quickly identify targeted attacks and gaps in security informed by up-to-date, relevant threat intelligence.

To address the growing need of organisations to protect themselves against cyber attacks, Mandiant is launching Active Breach and Intel Monitoring and Ransomware Defense Validation. Leveraging accurate and relevant threat intelligence, these SaaS-based solutions allow organisations to detect the presence of active Indicators of Compromise (IOCs) in their environment and test their readiness to withstand the latest ransomware attacks.

Active Breach and Intel Monitoring

Active Breach and Intel Monitoring, powered by insights gained from Mandiant’s global incident response engagements and comprehensive threat intelligence research, is designed to identify the presence of relevant Indicators of Compromise (IOCs) within organisations’ IT environments based on the latest information from real, active breach investigations performed worldwide. With this data, Active Breach & Intel Monitoring module searches customers’ data for IOC matches from the present to the previous 30+ days.

As a SaaS-based solution, Mandiant Active Breach and Intel Monitoring is easy to deploy and immediately begins detecting and prioritising IOC matches. To help security teams and leaders focus on the highest priority alerts, the solution goes beyond simple matching, by analysing and evaluating IOCs with a data science-based score and numerous contextual factors, such as direction of travel and indicator type. Security teams can then more efficiently address and respond to threat alerts.

With Active Breach and Intel Monitoring, security teams of all sizes can rapidly identify potential attacks that match IOCs for cyber attacks and reduce threat actor dwell time to reduce the impact of targeted attacks.

Ransomware Defense Validation

Ransomware Defense Validation tests organisations’ critical security controls against prevalent ransomware and informs security teams of capabilities that require immediate attention.

“Organisations of all sizes are struggling to answer basic questions as ransomware attacks are on the rise and they’re working to determine if they’re prepared or have been breached,” said Chris Key, Chief Product Officer, Mandiant. “With Ransomware Defense Validation, we are providing a solution that will arm organisations with the tools and Mandiant’s knowledge to measure and improve ransomware preparedness like never before. Organisations no matter their size can within hours test their defenses against ransomware attacks utilising current and relevant threat intelligence.”

Powered by Mandiant frontline threat intelligence on active ransomware attackers and their tactics, techniques, and procedures (TTPs), Ransomware Defense Validation tests an organisation’s critical security controls and identifies changes required to be made to their defenses to block or contain modern and prevalent known ransomware attacks.

With Ransomware Defense Validation, security teams have 24×7 access to reports with quantitative data and readouts from Mandiant experts to inform key stakeholders of the organisation’s state of readiness against the threat of ransomware.

Together, Ransomware Defense Validation and Active Breach and Intel Monitoring prepare organisations of all sizes to defend against the most sophisticated threats of today.


To stay up to date on the latest, trends, innovations, people news and company updates within the global security market please register to receive our newsletter here.

Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio

Tel: +44 (0) 1622 823 922