Tabletop Exercise

Test your organization’s cyber incident response plan with scenario gameplay

The Tabletop Exercise evaluates the tools, processes and expertise your organization uses to respond to cyber attacks. Mandiant consultants challenge executive and technical participants with multiple scenarios based on real-world experience in a roundtable environment. This fully inclusive process provides critical feedback on your executive strategies and technical areas of risk in a roundtable environment.


What you get

  • Executive briefing on lessons learned from the exercises that includes a summary of how participants worked with their incident response plan, communications plan and escalation procedure
  • Post-action report with a timeline of events, detailed analysis of participant activities and strategic recommendations for improving detection, response, containment and remediation


  • Conduct quick, efficient, non-invasive evaluations
  • Identify gaps between documented and expected responses and actual behavior
  • Get recommendations for improvement informed by real-world incident response best practices

M-Trends 2017: Trends behind today’s breaches and cyber attacks

Explore the trends that define today’s threat landscape based on Mandiant’s investigation of the year’s successful breaches and cyber attacks.

Download report

M-Trends 2017 Infographic

Explore the trends and get statistics based on Mandiant’s investigation of the year’s successful breaches and cyber attacks across the globe.

Learn more

Our Approach

Step 1

Scenario Planning and Development

Mandiant experts first take about a week to gather information on your organization’s threat profile, operational environment and specific areas of concern. They also develop scenarios with variations based on realistic attacker behavior, techniques and tactics demonstrated in actual incident response situations.

Step 2

Scenario Gameplay

During the onsite roundtable workshop conducted with stakeholders in your organization, a Mandiant guide introduces these scenarios to participants. Mandiant professionals observe gameplay to determine how closely participant actions and decisions adhere to documented organizational plans and procedures and Mandiant-recommended best practices.

Step 3

Final Report

After the roundtable workshop, a Mandiant consultant shares his/her observations at an initial in-person briefing and delivers a written report that includes a step-by-step summary of scenario inputs and responses for threat detection, response, containment and remediation.