Mandiant, Inc. (Mandiant) operates as a global cybersecurity company.
The company provides intelligence-based cybersecurity solutions and services that allow organizations to prepare for, prevent, investigate, respond to and remediate cyber-attacks, including attacks that target on-premises, cloud, and critical infrastructure environments.
The company designs its cybersecurity solutions to rapidly incorporate the latest threat intelligence as the threat environment evolves. Through its work on...
Mandiant, Inc. (Mandiant) operates as a global cybersecurity company.
The company provides intelligence-based cybersecurity solutions and services that allow organizations to prepare for, prevent, investigate, respond to and remediate cyber-attacks, including attacks that target on-premises, cloud, and critical infrastructure environments.
The company designs its cybersecurity solutions to rapidly incorporate the latest threat intelligence as the threat environment evolves. Through its work on the front lines, the company learns the tactics, techniques and procedures (TTPs) attackers are using to circumvent security safeguards. The company’s expertise and threat intelligence fuels its detection, validation, and automated response capabilities; and becomes an integral component of its technologies in a cycle of intelligence-driven innovation. The company also offers managed and consulting services to its customers to augment their internal security resources, to aid in the deployment and management of its solutions and to provide expertise on-demand when needed.
The company markets its solutions and services under the Mandiant brand.
The company’s Mandiant solutions include its controls-agnostic threat intelligence, validation, attack surface management and XDR SaaS solutions, as well as its portfolio of managed services and consulting services. The company has developed the Mandiant Advantage platform to be a single portal for customers to access all Mandiant Advantage modules and to integrate with its customers' existing security technology environment.
In 2021, the company acquired Intrigue Corp. (Intrigue), a developer of attack surface management technology.
Cybersecurity SaaS Solutions and Services
The company’s software-as-a-service (SaaS) solutions and services are designed to help organizations of all sizes improve their resilience to cyber-attacks and reduce the risks of a costly breach. The company markets its solutions and services under the Mandiant brand. Mandiant helps customers prevent, detect, investigate, and respond to cyber-attacks.
Platform, Cloud Subscription and Managed Services
Mandiant Advantage SaaS Solutions
Mandiant Advantage is a controls-agnostic SaaS platform that helps customers improve their security profile with software that operationalizes the company’s intelligence in their environments and managed services that augment internal resources, regardless of the security control products deployed. Mandiant's SaaS offerings include the company’s threat intelligence subscriptions, the company’s security validation, attack surface management and XDR (extended detection and response) software-as-a-service solutions, and the company’s managed services where Mandiant experts manage the company’s SaaS solutions for its customers. The company developed the Mandiant Advantage SaaS platform to be a single portal for Mandiant customers.
Subscriptions to Mandiant SaaS solutions are typically offered for one- or three-year terms and are usually invoiced for the full term of the subscriptions up-front.
Mandiant Advantage - Threat Intelligence is a powerful SaaS-based module within the Mandiant Advantage platform that provides organizations of all sizes with up-to-the-minute, relevant cyber threat intelligence so they can focus on and address the threats that matter now.
Threat Intelligence is available in three subscription levels through the Mandiant Advantage platform:
Free subscription includes publicly known vulnerability and threat intelligence overlaid with Mandiant insights and threat scores to provide situational awareness;
Security Operations subscription provides intelligence on actors, malware and vulnerabilities to help customers prioritize alerts and understand the attacker, capabilities and motivations behind security events; and
Fusion subscription provides in-depth analysis of threat actors, technical and dark web research findings, and incident response intelligence to enable informed cyber defense investments and decisions.
The company’s Digital Threat Monitoring and Vulnerability modules are included in Fusion, and are available as add-on subscriptions to Security Operations and Free subscription levels. Digital Threat Monitoring helps customers identify unknown breaches and high probability attacks by using customer-defined key words and the company’s automated web reconnaissance technology to analyze content on the open and dark web for credential leakage, public data exposure and other potential threats. The company’s Vulnerability add-on subscription provides notifications on new zero-day vulnerabilities and analysis of likely usage by threat actors to enable targeted resolution.
Mandiant Advantage Security Validation: Security Validation allows organizations to measure, manage and communicate the effectiveness of their security controls. The solution is led by the latest threat intelligence and safely emulates attack behaviors and malware within customer environments and aggregates, analyzes and reports on security controls ability to detect, prevent and generate alerts. Customers use validation findings to identify gaps in security defense, often due to equipment misconfigurations and environmental drift within the IT environment, as well as identify opportunities for optimization and cost rationalization. Security Validation may be used to automate testing and reporting of industry attack frameworks, including MITRE ATT&CK Framework and NIST, with an extensive content library of global threat actors and relevant threats powered by Mandiant Advantage Threat Intelligence.
The company’s Security Validation architecture includes extensive out-of-the-box integrations that span across organizations' entire security environment and authentically challenges security controls across the full attack life cycle, arming security leaders with data to quantify risk and prove security effectiveness and the value of their investments. Based on customer's desired business outcomes or specific threats, Security Validation is available as a cloud-based security-as-a-service or deployed as a virtual appliance on-premise, a SaaS solution or managed service overseen by Mandiant experts.
Mandiant Advantage Automated Defense is a cloud-native XDR solution that automates the analysis of data from control points, security solutions and analytics at machine-speed to identify and prioritize high risk security events for further investigation. Automated Defense uses artificial intelligence techniques, including probabilistic mathematics and an integrated reasoning engine to mimic the judgement of security analysts. Automated Defense integrates with security products from more than 65 security and IT vendors and is available as cloud-based software-as-a-service or a detection and response service or as a managed detection and response service overseen by Mandiant experts.
Managed Services: The company offers managed detection and response (MDR) and managed validation services overseen by Mandiant experts with frontline experience to augment internal security resources. The company’s Managed Defense MDR service is available to provide nights and weekends coverage, managed endpoint security, and managed security for industry control systems (ICS) and operational technology (OT) environments using the company’s detection and response technologies. Its Managed Validation service utilizes the company’s Security Validation software to test security effectiveness based on pre-defined customer parameters.
Professional Services
Mandiant professional services include industry-leading incident response, security assessment, transformation consulting and training services with remote and on-site tactical support. The company’s services help organizations effectively prepare for, prevent, investigate, respond to and remediate cyber-attacks to minimize the impact of an attack before, during and after an incident.
Incident Response Services: Mandiant incident response services include investigation, containment, remediation and crisis management services to help organizations resolve security incidents quickly. The company also offers compromise assessments to help clients understand if they are compromised and incident response retainers to pre-negotiate rates and establish an SLA.
Security Assessment Services: The company’s security assessment capabilities cover a broad spectrum of offerings that help organizations evaluate their ability to prevent, detect, respond, and contain cyber threats before they disrupt the business. Services include security program assessments covering the entire enterprise, including cloud and remote access environments, ransomware, cybersecurity risk, security due diligence, insider threats and industrial controls. The company also offers response readiness assessments and tabletop exercises to help organizations test their incident preparedness and hone their skills. Additionally, it can help organizations evaluate their ability to detect and respond to attacks with red and purple team exercises and penetration testing, as well as a number of targeted assessment services covering specific components of the enterprise environment.
Security Transformation Services: The company’s cyber threat intelligence and cyber defense operations transformation services help organizations build, develop, and mature their cyber defense capabilities by improving an organizations detection, response, containment and remediation capabilities. Mandiant Consulting provides hand-on support to design and implement and operate cyber threat intelligence and incident response processes and solutions within the existing cyber defense environment.
Cybersecurity Training: The company offers instructor-led and self-paced online courses to its customers and channel partners through its training department and authorized training partners. Courses draw from the full spectrum of Mandiant capabilities, including advanced cyber threat intelligence analysis, frontline incident response expertise, red teaming and malware reversing developed by Mandiant experts.
Mandiant Expertise On Demand: Expertise On Demand is an annual subscription for flexible, pay-per-use access to the company’s threat intelligence and expertise as microservices. Customers purchase packages of units based on their anticipated needs and use the units to access threat intelligence and Mandiant services, including the company’s incident response retainer at pre-determined unit values. Unused units typically expire one year after purchase.
Technologies
The company has developed proprietary technologies related to machine-based threat detection, continuous security controls validation, security orchestration, and automated extended detection and response. Its technologies leverage its frontline intelligence about threat actors’ tools and techniques, gathered through its incident response and security assessment engagements, the analysis of its machine-generated threat intelligence, and the company’s network of security researchers, to adapt to new threats and changes in the threat environment. The company uses its technology in the delivery of its services.
Security Validation: The company’s security validation software is designed to emulate attacker TTPs, including malware and ransomware, to safely deploy and execute code within customer production IT environments to understand an organization's level of cyber preparedness.
Automated Extended Detection and Response: The company’s XDR technology uses multiple AI and machine-learning capabilities, including integrated reasoning, dynamic scoping and reprioritization, and probabilistic mathematics, to mimic security experts’ judgement at machine-speed in the investigation, scoping and prioritizing of security alerts. The AI and machine-learning models are trained using Mandiant frontline intelligence and expertise to learn from, and adapt to, the evolving threat environment.
Evolved Security Architecture and Security Orchestration: The company’s products, SaaS solutions, and services are designed to operate as part of a comprehensive security architecture to defend organizations against cyber threats and minimize the business impact of cyber-attacks through efficient security operations and validation of security effectiveness. The ability to monitor and inspect network and email traffic, as well as stored files and forensic data, cloud activity, and equipment configurations is critical to detecting cyber threats and reducing the risk of a costly cyber breach. The company combines this visibility with its dynamic, contextual and strategic threat intelligence, case management tools and AI-based XDR engine to enable rapid, prioritized responses to critical alerts. The company’s SOAR tools and technologies integrate with Helix and its XDR solutions to extend security processes and response activities across the IT infrastructure.
Customers
The company’s customer base has grown to approximately 5,300 end-customers as of December 31, 2021, approximately 48% are included in the Forbes Global 2000. The company provides security control products, SaaS solutions and services to customers of varying sizes, including enterprises, governmental agencies, and educational and nonprofit organizations.
The company’s customers include leading enterprises in a diverse set of industries, including telecommunications providers, financial services entities, software, technology and Internet companies, stock exchanges, electrical grid operators, networking vendors, oil and gas companies, healthcare and pharmaceutical companies and leading U.S. and international governmental agencies.
Sales and Marketing
Sales: The company’s sales organization consists of in-house sales teams who work in collaboration with external channel partners to identify new sales prospects, sell additional subscriptions and services, and provide post-sale support. Its field sales team is organized by territory and is responsible for enterprise and government accounts within their region. The company’s inside sales organization is responsible for sales to medium-sized and smaller organizations, and for renewal of existing subscriptions.
The company also has a dedicated team focused on channel sales who manage the relationships with its value-added reseller and distributor partners and work with these channel partners to win and support customers.
The company has also cultivated alliances with non-traditional partners to generate customer referrals and extend its technologies, services and sales coverage to new market segments. These strategic partnerships include relationships with technology companies, insurance providers, large systems integrators, and managed service providers. The company has engaged in joint solution development with leading providers of software engineering services, payment systems, and public cloud platforms.
As part of the company’s strategy to increase adoption of its Mandiant Advantage platform and modules, the company offers free access to publicly available threat intelligence enhanced with Mandiant threat scoring and other contextual information.
Competition
The company’s competitors are large companies, such as IBM, Oracle and HPE; independent security vendors, such as Palo Alto Networks, Proofpoint and CrowdStrike; providers of managed security services, such as CrowdStrike, Arctic Wolf; and Rapid7 and other providers of MDR and security consulting services.
History
The company was founded in 2004. It was incorporated in 2004 under the laws of the state of Delaware. The company was formerly known as NetForts, Inc. and changed its name to FireEye, Inc. in 2005. Further, the company changed its name to Mandiant, Inc. in 2021.
The Analyst Price Target shows the analysts’ low, high, and average target at a glance.
