Insider threat consulting

Uncover and manage insider threats by implementing risk-based security program capabilities.

Mandiant provides protection against insider threats for all stages of the attack life cycle. Our purpose-built services assess your existing insider threat program and build effective security program capabilities to stop these threats in their tracks.

Get started for free

Services at a glance

Mandiant offers an Insider Threat Program Assessment as a point-in-time evaluation of existing insider threats in your specific environment, while the Insider Threat Security-as-a-Service provides an operational security program to ensure effective and continuous insider threat prevention, detection, and response.

	Insider Threat Program Assessment	Insider Threat Security-as-a-Service
What	Identifies weaknesses and vulnerabilities within existing insider threat safeguards Guidance to improve insider threat program capabilities, reduce risks, and mitigate	Subscription-based Provides continuous, full-spectrum insider threat visibility and effective insider threat prevention for ongoing operational security program support
Who	Security-conscious organizations looking to enhance or develop their insider threat program	Organizations with growing remote workforces and/or sensitive data with breach potential
How	Workshops Gap and vulnerability identification against 3 domains: people, processes, and tools Led by frontline Mandiant incident responders	Ongoing insider threat monitoring that includes dark web keyword monitoring for: Insider threat investigation support Possible data leaks Dark web chatter related to potential future business efforts
Outputs	Plans for developmental support and improvement including: Tailored recommendations Actionable roadmap for immediate and long-term program needs	Executive briefings and insider threat profiles based on our findings of program strengths and weaknesses Insider threat intelligence specific to those identified in your environment
Differentiator	Three-tiered model offering to service new and existing insider threat programs Advanced service tier includes the power of third-party partnerships	Mandiant Threat Intelligence

Insider Threat Program Assessment

Insider Threat Security-as-a-Service

What

Identifies weaknesses and vulnerabilities within existing insider threat safeguards
Guidance to improve insider threat program capabilities, reduce risks, and mitigate

Subscription-based
Provides continuous, full-spectrum insider threat visibility and effective insider threat prevention for ongoing operational security program support

Who

Security-conscious organizations looking to enhance or develop their insider threat program

Organizations with growing remote workforces and/or sensitive data with breach potential

How

Workshops

Gap and vulnerability identification against 3 domains: people, processes, and tools
Led by frontline Mandiant incident responders

Ongoing insider threat monitoring that includes dark web keyword monitoring for:

Insider threat investigation support
Possible data leaks
Dark web chatter related to potential future business efforts

Outputs

Plans for developmental support and improvement including:

Tailored recommendations
Actionable roadmap for immediate and long-term program needs

Executive briefings and insider threat profiles based on our findings of program strengths and weaknesses
Insider threat intelligence specific to those identified in your environment

Differentiator

Three-tiered model offering to service new and existing insider threat programs
Advanced service tier includes the power of third-party partnerships

Mandiant Threat Intelligence

Mandiant can help you

Reduce operational risk and minimize impact of insider threat incidents and data theft.

Improve insider threat security program based on actual findings and leadership consensus.

Prioritize insider threat security program budget and resources.

Identify gaps in your technology stack’s ability to properly detect and prevent insider threats.

Increase organizational return on investment.

More about our partnerships

We’ve partnered with innerActiv and Strider Technologies to achieve full visibility of your environment using proprietary technologies and tradecraft to determine if insider threats ranging from advanced state-sponsored espionage to unintentional insiders are present.

innerActiv

innerActiv is an insider threat-focused endpoint detection for insider threat (EDR-InT) and response solution that complements traditional endpoint security products to detect state-sponsored espionage and advanced corporate insider threats.

Strider Technologies

Strider aims at protecting companies, universities, research institutions, and government agencies from state-sponsored intellectual property theft and talent solicitation risks. Strider's zero-touch architecture and technical integration provides actionable insights to identify high-risk, state-sponsored activities that illuminate potential in-network intellectual property theft, compliance, and talent solicitation risks.

DTEX Systems

DTEX InTERCEPT™ consolidates data loss prevention, user activity monitoring, and user behavior analytics in one lightweight platform to enable organizations to achieve a trusted and protected workforce. Backed by behavioral science, powered by AI, and used by governments and organizations around the world, DTEX is the trusted authority for protecting data and people at scale with privacy by design.

Learn more about our partnership