Mandiant announced two new Mandiant Advantage services to fight ransomware and data breaches during the annual Cyber Defense Summit. The new software-as-a-service offerings — Active Breach & Intel Monitoring and Ransomware Defense Validation — allow enterprise security teams to detect the presence of active Indicators of Compromise in their environments and test their defenses against ransomware attacks.
Active Breach & Intel Monitoring proactively monitors customer networks to identify the presence of IOCs based on insights drawn from Mandiant’s global incident response engagements and threat intelligence research. The service searches for IOCs to uncover active breaches as well as historical incidents. Mandiant evaluates the IOCs and prioritizes the alerts so that security teams can rapidly identify potential attacks and reduce the amount of time a threat actor has to cause damage.
Ransomware Defense Validation lets security teams test their critical security controls against prevalent ransomware and identify gaps that require immediate attention. Organizations can test their anti-ransomware defenses by tapping into the latest threat intelligence Mandiant has on active ransomware attackers and their tactics, techniques, and procedures. Security teams can find out what changes need to be made to their defenses to block or contain ransomware attacks.
Mandiant Advantage, unveiled last year, currently has four modules delivering automated defense, threat intelligence, security validation, and attack surface management. The modules for Active Breach & Intel Monitoring and Ransomware Defense Validation are expected to be generally available in January 2022.
Read more about Active Breach & Intel Monitoring and Ransomware Defense Validation here.