FireEye Unveils Mandiant Red Team Operations to Fight Cyber Attacks

FireEye Unveils Mandiant Red Team Operations to Fight Cyber Attacks
23.03.2016 12:45 pm

FireEye Unveils Mandiant Red Team Operations to Fight Cyber Attacks

Security

FireEye launches Mandiant® Red Team Operations, a set of objectives-based assessments that conduct no-holds-barred attacks on organizations to highlight weakness in systems or procedures and to boost detection and response capabilities. Additionally, Mandiant Penetration Testing was also announced today, offering eight highly customizable penetration test types including penetration tests that assess Industrial Control Systems (ICS), Internet of Things (IoT) devices, and Mobile Applications and Devices. Both service offerings are avalaible today.

Red Team Operations provide two types of assessments that seek to accomplish certain breach-related objectives using FireEye’s nation-state grade intelligence and emulating the tools, tactics, and procedures (TTPs) of the most advanced threat actors. The two offerings, designed to utilize unique Mandiant methodology that does not harm business operations or data, are:

  • Red Team Assessment: a full-scale attack focused on accomplishing specific goals related to organizations’ most critical assets – obtaining sensitive communications or data, breaking an application, or taking control of automated devices – that tests organizations’ security posture with or without prior knowledge of when.
  • Red Teaming for Security Operations: directly analyzes security operations by adding dedicated incident responders to existing security teams during a Red Team Assessment – overseeing detection and response processes and providing guidance afterwards. This service add the formal enhancement of organizations’ prevention, detection, and response capabilities.

“As we have seen over the last 12 years, determined threat actors will find a way into networks to carry out intellectual property theft, destroy systems, ransom or steal data, or conduct espionage and ultimately maintain their presence for as long as possible,” said Marshall Heilman, vice president and executive director, incident response and red team operations, FireEye. “Taking an intelligence-led approach, our Red Team Operations test organizations to their limits by staging attacks using the techniques of the most successful threat actors around the world in order to improve detection and response capabilities. We have even built tools to emulate certain attack group C2 protocols if you want to test your detection capabilities against a specific threat actor.”

For organizations looking to put certain technologies and systems under direct testing, Penetration Testing services from Mandiant identify and provide mitigation strategies for complex security vulnerabilities across any software, hardware, or network in an organization.             Penetration Testing from Mandiant utilizes the same intelligence-led approach as Red Team Operations, applying knowledge of the most successful threat actors and adversary intelligence to conduct reconnaissance, identify vulnerabilities, exploit them, and carryout an attack.

Penetration Testing from Mandiant can be customized for:

  • Embedded Device/Internet of Things (IoT) Assessments
  • ICS Penetration Assessments
  • Mobile Device Assessments
  • External Penetration Tests
  • Internal Penetration Tests
  • Web Application Assessments
  • Wireless Technology Assessments
  • Social Engineering

“IoT and mobile devices are exponentially expanding the vulnerabilities of organizations as their adoption outpaces security teams’ ability to properly vet and secure them. Additionally, the focus on security around ICS has never been greater as fear of attack on infrastructure grows. Our decade of knowledge on how determined adversaries identify and exploit vulnerabilities and domain expertise in these emerging and critical technologies enables us to provide comprehensive recommendations to improve security postures,” added Heilman.  

Related News

Retail cash automation market booms as global installations surpass 700,000

Latest research shows retailers across the world are investing in technology that improves cash management and boosts security

Market outside Japan... Read more »

Experian partners with Global Data Consortium to bolster international customer identity verification

Experian and identity verification provider Global Data Consortium (GDC) have today announced a new partnership which will transform customer onboarding journeys for both... Read more »

FICO Offers Free Cyber Risk Score 90-Day Trial in Europe

Cyber exposure is one of the most rapidly growing risks in today’s digital world. Almost daily, the media report on companies that have suffered data breaches where criminals... Read more »

Leading Firms Collaborate with Mastercard to Further Secure Open Banking Ecosystem

Mastercard announces three key financial firms as the latest companies to start using Mastercard Open Banking Protect, safeguarding organisations who manage... Read more »

iProov to provide biometric technology to challenger bank Knab, part of AEGON

Today, iProov is proud to announce that its technology is to be deployed by Dutch challenger bank Knab, to provide an effortless online biometric experience to its nearly 500,... Read more »

FICO Awarded 13 New Patents for Responsible AI, Fraud and Decision Management

Silicon Valley analytic software firm FICO has been awarded 13 new patents related to fraud, artificial intelligence (AI) and decision management. In total, FICO currently... Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel