Mandiant Security Validation
Measure your cyber defense effectiveness
Proactively test and validate the effectiveness of your security controls to help protect your organization's critical assets.
Features
MITRE ATT&CK framework mapping
Assess if your security tools and processes will effectively protect your organization against real-world targeted attacks. Mandiant frontline intelligence from the latest incident response engagements provides the latest adversary tactics, techniques, and procedures (TTPs), and maps to commonly used techniques and frameworks, such as MITRE ATT&CK and NIST.
Automated environmental drift detection and alerting
Advanced Environmental Drift Analysis (AEDA) empowers you to continuously test your environment for both historical and new threats, providing timely alerts for any defensive regressions.
Real-world attack emulation
Emulation goes beyond breach and attack simulation (BAS). Protected Theater enables you to safely run destructive endpoint tests. It also enables you to run email-based tests onsite or in the cloud with the Cloud Validation Module (CVM). Then, assess your entire attack surface for human faults to your digital estate.
How It Works
Deploy the "director" and "agents" (or "actors") to a SIEM, EDR, DLP, or any other security control. The director acts as the brains of the operation, providing emulation content to the agents, which perform configuration verification and automated security control testing.
Common Uses
Test network, endpoint, email controls
Learning resources
Test for human error
Learning resources
Mitigate acquisition risk
Learning resources
Pricing
| How pricing works | Mandiant Security Validation pricing starts with the “director” (the base platform), then it is priced based on the number of “actors” (agents) deployed. Add-on features are available. | |
|---|---|---|
| Subscription | Description | Price |
SaaS module | Measure security control effectiveness using real-world emulated attacks. | Connect with sales to discuss tailored enterprise pricing. |
How pricing works
Mandiant Security Validation pricing starts with the “director” (the base platform), then it is priced based on the number of “actors” (agents) deployed. Add-on features are available.
SaaS module
Measure security control effectiveness using real-world emulated attacks.
Connect with sales to discuss tailored enterprise pricing.
GET A DEMO
TALK TO SALES
Learn about Mandiant Security Validation
Talk with the experts
Need more information?
Learn how to emulate real-world attacks
Ransomware repurposing
MITRE ATT&CK mapping
FAQ
What are the outcomes of security validation?
Data captured by Security Validation enables security teams to identify gaps, misconfigurations, redundancies, lack of accurate SIEM correlation and alerting within a security program, and opportunities for continuous optimization and measurements of improvement over time.
What are common use cases for security validation?
- Evidence of security effectiveness (security infrastructure health)
- Demonstrated value of security investments (spend rationalization)
- Quantitative reporting to executives and non-technical stakeholders
- Security framework assessments (MITRE ATT&CK Framework or NIST)
- Technology evaluations
- Operationalization of threat intelligence and threat actor assurance
- Advanced malware and ransomware defense validation
- Mergers and acquisitions
- Cloud controls validation
How does security validation work?
Security Validation leverages timely threat intelligence and automated, continuous testing of security controls using real-world attack simulations. This approach can provide quantifiable insight into security control performance under attack, enabling the identification of gaps, misconfigurations, and areas for improvement to continuously optimize security defenses against the most relevant threats.
Can security validation safely test against malware and ransomware attacks?
Yes, Mandiant Security Validation can safely test an organization’s ability to detect or prevent malware and ransomware attacks.
