FireEye Stories Blog

Introducing Mandiant Automated Defense: Rounding Out Mandiant Advantage With Automated Triage at Machine Speed

Today we are launching a powerful new weapon for cyber security defenders with the introduction of Mandiant Automated Defense, a scalable, automated SaaS-based solution to help security team detect and respond to the alerts that matter—fast. Mandiant Automated Defense is the newest tool in the Mandiant Advantage platform in a multi-vendor XDR capability to help organizations solidify their security posture. This newest Mandiant Advantage module addresses the people, process, and technology challenges security teams face by bringing Mandiant's front-line expertise and intelligence to alert investigation automation for customer security operations centers (SOC).

In the ongoing battle between cyber attackers and defenders, Mandiant Automated Defense, formerly Respond Software’s virtual analyst product, enables CISOs and their teams to gain the upper hand in cyber warfare. The detection and response module combines machine learning with Mandiant's expert threat intelligence to conduct an automated triage process at machine speed, investigating alerts and prioritizing detections while minimizing false positives. This capability enables SOC teams to investigate threats that matter, simplify security operations at scale, and unify your security data to prioritize and focus on the most relevant threats.

Even organizations with sophisticated security programs struggle to protect against the ever-widening threat landscape and understand and respond to the threats that matter most. In February 2021 alone, Mandiant Automated Defense reduced more than 52 billion customer alerts to less than 700 prioritized investigations that required attention, significantly reducing time wasted on chasing false positives.

Mandiant Automated Defense combines with Mandiant Security Validation and Mandiant Threat Intelligence to quickly identify relevant threats and take appropriate action, shifting the focus of the SOC away from controls to four key high-impact areas:

  • Leverage threat intelligence and prioritize the threats that matter most
  • Continuously validate performance of security controls, people, and processes that protect the organization
  • Enhance automation of processes and leverage expert managed services across all capabilities
  • Gain quantifiable metrics that demonstrate a strong security posture to business leadership

Supporting more than 60 security technologies, cloud platforms and network management tools, the Mandiant Advantage SaaS platform works with best-of-breed, multi-vendor controls to deliver world-class XDR capabilities. The Mandiant Advantage platform now includes three modules:

  • Mandiant Threat Intelligence
  • Mandiant Security Validation (formerly Verodin)
  • Mandiant Automated Defense (formerly Respond Software)

By leveraging Mandiant’s scalable detection and response capabilities, combined with the ability to measure and prove security effectiveness against the threats that matter most, CISOs can streamline operations and concentrate resources where they will have the greatest likelihood of success. Security leaders can then rationalize their security program by identifying areas where more spending may be needed or areas where costs can be cut without impacting risk. Ultimately, Mandiant Automated Defense and the Mandiant Advantage Platform help enable security leaders to give the C-suite confidence that digital assets are protected and compliant.