
4/21/2021
04:30 PM
Dark Reading
Products and Releases

Mandiant Advantage Expands SaaS platform with New Mandiant Automated Defense Module

MILPITAS, Calif., April 21, 2021 – FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today announced the expansion of its Mandiant Advantage SaaS platform to include its new Mandiant Automated Defense module, creating a powerful, multi-vendor XDR capability. Mandiant Automated Defense is the latest module available in the Mandiant Advantage platform, joining the Mandiant Threat Intelligence and Mandiant Security Validation modules.

Organizations struggle to consistently, quickly, and accurately assess and investigate the multitude of alerts received by their security operations centers (SOC) daily. In February 2021 alone, Mandiant Automated Defense reduced more than 52 billion customer alerts down to less than 700 prioritized investigations. Formerly Respond Software’s virtual analyst product, Mandiant Automated Defense dramatically increases Mandiant's ability to scale its unique expertise and intelligence as software delivered through an easy-to-deploy SaaS interface. 

“Skill shortages, an overwhelming number of alerts, and even misconfigured tools all contribute to the challenges faced by the modern SOC,” said Chris Key, EVP of Products, Mandiant. “Our customers have been asking us for technology that embeds Mandiant expertise and intelligence into their environment at scale – Mandiant Automated Defense is another of our products that does just that.”

Mandiant Automated Defense addresses the people, process, and technology challenges faced by cybersecurity defenders in the SOC. Automated Defense injects Mandiant's unique expertise and intelligence directly into its alert investigation. This automated triage process enables security personnel to prioritize and focus on the most relevant threats, reducing time wasted on false positives.  

"Enterprises are truly changing the way they manage security operations," said Jon Oltsik, Senior Principal Analyst and Fellow, Enterprise Strategy Group. "Through Respond Software, Mandiant has added an innovator in security operations that can help enable security teams better serve customers, increase productivity, and achieve better cyber security business outcomes. Mandiant Automated Defense can help customers truly work without boundaries – outside of their current tools and processes." 

Supporting more than 60 security technologies, cloud platforms and network management tools, the Mandiant Advantage SaaS platform works with best-of-breed, multi-vendor controls to deliver world-class XDR capabilities. The Mandiant Advantage platform now includes three modules: 

Mandiant Threat Intelligence 

Mandiant Security Validation (formerly Verodin)

Mandiant Automated Defense (formerly Respond Software)

About Mandiant

Mandiant, a part of FireEye, brings together the world’s leading threat intelligence and frontline expertise with continuous security validation to arm organizations with the tools needed to increase security effectiveness and reduce organizational risk.

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,900 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

 
