Response Readiness Assessment
Assess and improve your ability to detect, respond to, and contain advanced attacks
Based on our extensive knowledge of leading practices and experience responding to critical security incidents, the Response Readiness Assessment helps you review your security operations center and incident response capabilities. With a Response Readiness Assessment, you can determine where your program needs to go and how to get there.
Over the course of the Response Readiness Assessment, we compare your current practices to our six core capability model. We then test your program using real-life scenarios our consultants experience every day. Finally, we give you a roadmap with detailed recommendations for how to build, mature, and sustain your security program.
Assess Your Capabilities
During the first phase of the Response Readiness Assessment, we examine your ability to detect, respond to, and contain threats. Mandiant consultants collect and review your SOC workflow, threat intelligence, and incident response program documentation to compare your current practices to industry best practices. Detailed interviews of your staff help us understand the your program's unique processes.
We put your processes to the test with tabletop exercises. Our consultants work with you to customize a scenario that simulates an incident. Common scenarios include system compromise, leaks of Personally Identifiable Information (PII), inappropriate data use, and threatening emails. During the exercise, we assist and evaluate your efforts from initial detection to resolution.
Recommendations and Roadmap
We provide you with a final report and presentation that blends our review of your procedures, your staff’s insights, and our observations during the exercise. Consultants working on the Response Readiness Assessment compare your program to applicable legal or regulatory requirements and industry best practices, and highlight your program’s strengths and opportunities for improvement.