Tabletop Exercise

Test your organization’s cyber incident response plan with scenario gameplay

The Tabletop Exercise evaluates the tools, processes and expertise your organization uses to respond to cyber attacks. Mandiant consultants challenge executive and technical participants with multiple scenarios based on real-world experience in a roundtable environment. This fully inclusive process provides critical feedback on your executive strategies and technical areas of risk in a roundtable environment.

general-desktop-office
 

Benefits

  • Conduct quick, efficient, non-invasive evaluations
  • Identify gaps between documented and expected responses and actual behavior
  • Get recommendations for improvement informed by real-world incident response best practices

What You Get

  • Executive briefing on lessons learned from the exercises that includes a summary of how participants worked with their incident response plan, communications plan and escalation procedure
  • Post-action report with a timeline of events, detailed analysis of participant activities and strategic recommendations for improving detection, response, containment and remediation

M-Trends 2016: A True Picture of the Threat Landscape

This report details the findings of our consultants, based on their experiences responding to incidents over the past year.

Download Report


Our Approach

Step 1

Scenario Planning and Development

Mandiant experts first take about a week to gather information on your organization’s threat profile, operational environment and specific areas of concern. They also develop scenarios with variations based on realistic attacker behavior, techniques and tactics demonstrated in actual incident response situations.

Step 2

Scenario Gameplay

During the onsite roundtable workshop conducted with stakeholders in your organization, a Mandiant guide introduces these scenarios to participants. Mandiant professionals observe gameplay to determine how closely participant actions and decisions adhere to documented organizational plans and procedures and Mandiant-recommended best practices.

Step 3

Final Report

After the roundtable workshop, a Mandiant consultant shares his/her observations at an initial in-person briefing and delivers a written report that includes a step-by-step summary of scenario inputs and responses for threat detection, response, containment and remediation.