New Mandiant Offering: Response Readiness Assessment

Today, I am pleased to announce the release of Mandiant's newest Strategic Solutions offering: Response Readiness Assessment. In this post, I'll explain what the service provides, why our customer's requested such a service, and who can benefit from the Response Readiness Assessment offering.

Overview

In a nutshell, this new offering will give customers the ability to assess their capabilities to detect, respond and contain advanced attacks and recommend how they can improve their defense posture to find and stop attackers faster.

Offering Breakdown

How do we do this? Over the course of a year, Mandiant responds to hundreds of computer security incidents. The Response Readiness Assessment leverages that unparalleled experience to review a customer's Security Operations Center (SOC) and incident response capabilities against leading practices so they can effectively improve their defense posture and successfully find and stop advanced attackers quicker. All while keeping their organization out of the headlines.

During our assessment, we conduct an interactive series of workshops at our customer's office to review their ability to detect, respond, and contain advanced attacks by examining and baselining their current practices against our six-point capability model which includes: governance, people, communication, infrastructure, visibility, and response. Along with the workshops, we provide SOC and incident response (IR) staff and management with best practices related to workflow, incorporating threat intelligence into that workflow, SIEM integration into incident response, and a dynamic threat briefing aimed at detailing the recent indicators of compromise (IOC) and attacker trends that Mandiant tracks.

We then run the customer's organization through a specifically tailored tabletop exercise geared to test the implementation of their organization's documented policies, plans, and procedures. At the end of the engagement, we return to Mandiant, review all observations, and deliver the Response Readiness Assessment maturity score, supporting evidence, as well as a prioritized list of recommendations. These recommendations, or our Roadmap to Success, are broken out into short- and long-term benchmarks.

Offering Based on Customer Feedback

You may be asking, 'Why did they create this service?' This offering was developed and framed by Mandiant customer requests. Based on their feedback, Mandiant has created a Strategic Solutions team dedicated to the long-term strategic defense of our customers and their assets. The Response Readiness Assessment is the first step towards building these next generation defensive capabilities.

While current customers of Mandiant products and services will find the Response Readiness Assessment valuable, so too will companies and organizations who haven't worked with Mandiant in the past. Anyone who wants to gauge the efficiency or maturity of their detection and response capabilities, are unsure of their ability to detect, respond, and contain advanced attacks, want to build intelligence capabilities, or wonder if their incident response plan could be successfully implemented are all excellent candidates for the Response Readiness Assessment.

Conclusion

Now you may have noticed that earlier in the post I stated that the Response Readiness Assessment was the 'first step' towards maturing our customers' abilities to meet next generation challenges. My next post will define Mandiant's next generation center which infuses security monitoring, threat intelligence, and incident response. For now, let's just say it will have a significant intelligence component, and will really bring defensive capabilities to a whole new level!