Led by Intelligence, New Mandiant Offerings Test People, Process, and Technologies to Determine Weaknesses in Networks, IoT devices, and ICS, and Improve Incident Response
FireEye has announced the launch of Mandiant Red Team Operations, a set of objectives-based assessments that conduct no-holds-barred attacks on organisations to highlight weaknesses in systems or procedures and to enhance detection and response capabilities. Mandiant Penetration Testing was also announced on the 23rd of March, offering eight highly customisable penetration test types including penetration tests that assess Industrial Control Systems (ICS), Internet of Things (IoT) devices, and Mobile Applications and Devices. Both service offerings are available now.
Red Team Operations provide two types of assessments that seek to accomplish certain breach-related objectives using FireEye’s nation-state grade intelligence and emulating the tools, tactics, and procedures (TTPs) of the most advanced threat actors. The two offerings, designed to utilise unique Mandiant methodology that does not harm business operations or data, are:
- Red Team Assessment: a full-scale attack focused on accomplishing specific goals related to organisations’ most critical assets – obtaining sensitive communications or data, breaking an application, or taking control of automated devices – that tests organisations’ security posture with or without prior knowledge of when the assessment will occur.
- Red Teaming for Security Operations: directly analyses security operations by adding dedicated incident responders to existing security teams during a Red Team Assessment – overseeing detection and response processes and providing guidance afterwards. This service adds the formal enhancement of organisations’ prevention, detection, and response capabilities.
“As we have seen over the last 12 years, determined threat actors will find a way into networks to carry out intellectual property theft, destroy systems, ransom or steal data, or conduct espionage and ultimately maintain their presence for as long as possible,” said Marshall Heilman, vice president and executive director, incident response and red team operations, FireEye. “Taking an intelligence-led approach, our Red Team Operations test organisations to their limits by staging attacks using the techniques of the most successful threat actors around the world in order to improve detection and response capabilities. We have even built tools to emulate certain attack group C2 protocols if you want to test your detection capabilities against a specific threat actor.”
For organisations looking to put certain technologies and systems under direct testing, Penetration Testing services from Mandiant identify and provide mitigation strategies for complex security vulnerabilities across any software, hardware, or network in an organisation. Penetration Testing from Mandiant utilises the same intelligence-led approach as Red Team Operations, applying knowledge of the most successful threat actors and adversary intelligence to conduct reconnaissance, identify vulnerabilities, exploit them, and carry out an attack.
Penetration Testing from Mandiant can be customised for:
- Embedded Device/Internet of Things (IoT) Assessments
- ICS Penetration Assessments
- Mobile Device Assessments
- External Penetration Tests
- Internal Penetration Tests
- Web Application Assessments
- Wireless Technology Assessments
- Social Engineering
“IoT and mobile devices are exponentially expanding the vulnerabilities of organisations as their adoption outpaces security teams’ ability to properly vet and secure them. Additionally, the focus on security around ICS has never been greater as fear of attack on infrastructure grows. Our decade of knowledge on how determined adversaries identify and exploit vulnerabilities and domain expertise in these emerging and critical technologies enables us to provide comprehensive recommendations to improve security postures,” added Heilman.
For more information about Mandiant Services, please visit: https://www.fireeye.com/services.html.
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 4,400 customers across 67 countries, including more than 680 of the Forbes Global 2000.