Cyber Threat Intelligence Services

Improve your threat intelligence capabilities

Cyber Threat Intelligence Services design and build cyber threat intelligence (CTI) processes and solutions within your security operations to optimize your ability to consume, analyze and apply threat intelligence to protect the business. Our services focus on strategic planning, threat communications, technical solutions and workforce expertise required to implement an intelligence-driven cyber security program.



Mandiant, a FireEye company, has over a decade of experience at the forefront of cyber security and cyber threat intelligence (CTI). This has enabled us to build unparalleled intelligence operations collecting, analyzing and disseminating threat intelligence to our customers, as well as helping organizations develop their own intelligence-led security operations. Based on expertise, Mandiant has developed the Cyber Threat Intelligence Services to help organizations build, mature and sustain intelligence-led security operations customized to their unique needs.

Choose from these Services

Whether combined or delivered separately, cyber threat intelligence services support the development and maintenance of a comprehensive threat intelligence program.

Threat Intelligence Foundations (TIF)

Threat Intelligence Foundations (TIF)

Establish the basic building blocks for developing threat intelligence capabilities. Identify relevant threats, the stakeholders who require visibility and the pragmatic practices for effective delivery and consumption.

Cyber Threat Diagnostic (CTD)

Cyber Threat Diagnostic (CTD)

Build a baseline threat profile that includes the motives, intentions and capabilities of threat actors targeting your business. Each custom profile is built by analyzing threat activity on your network logs as well as observations from the global digital underground.

Download the Datasheet  

Intelligence Capability Assessment (ICA)

Intelligence Capability Assessment (ICA)

Evaluate the effectiveness of your current threat intelligence capabilities and the integrated throughput of intel across multiple I.T.-related domains and disciplines.

Intelligence Capability Uplift (ICU)

Intelligence Capability Uplift (ICU)

Develop a world-class threat intelligence program that includes scalable, repeatable processes for the collection, analysis and dissemination of intelligence throughout the organization.

Analytic Tradecraft Workshop (ATW)

Analytic Tradecraft Workshop (ATW)

Host a one-day team workshop to enhance the analytical skillsets necessary to support your organization’s threat intelligence capabilities in-house.

Hunt Mission Training (HMT)

Hunt Mission Training (HMT)

Host a tactically-focused workshop to guide staff in the intelligence-driven approach to proactively identifying active or nascent threats. The workshop is tailored for SOC, IR and tactical intelligence analysts responsible for advanced threat detection activities.


  • Anticipate, identify and prioritize threats to reduce exposure and adapt defenses.
  • Assess risk based on the adversary's motivation, capability and impact.
  • Contextualize and communicate cyber threats across business operations.
  • Better align security resources to the most relevant, impactful threats.

M-Trends 2018: Understanding Today’s Cyber Attacks

Explore the latest and greatest trends that define today’s threat landscape, based on Mandiant’s investigation of the most successful cyber attacks of the past year.

Download report

Intelligence First: How Threat Intelligence Enriches Security Consulting Services

Today’s security executives face ever-evolving cyber threats, limited budgets and a shortage of skilled professionals. That’s why many are seeking out cyber security consulting services to help them detect, prevent and respond to threats.

Learn more


“Cyber threat intelligence services help extend threat communications to stakeholders across the entire organization for efficient response to cyber threats.”

Our Approach

Cyber Threat Intelligence Services range in size and scope. All outcomes are focused on increasing an organization’s ability to identify, contextualize, adapt to, anticipate and communicate the threats it encounters, resulting in enhanced capabilities such as:

Programmatic CTI Consumption and Integration

Develop the ability to implement a set of CTI practices, capabilities or an entire program, capable of consuming and applying CTI to reduce long term risk and integrate CTI into key cybersecurity capabilities.

Strategy and Process

Develop a strategic roadmap to enhance security maturity using an intelligence-driven methodology. Key security and business process components recognize and include threat intelligence.

Threat Awareness and Skill Enhancement

Teams and individuals within the organization have a greater understanding of the threats it faces, with enhanced skills related to consuming, analyzing, applying and communicating threat intelligence.