The global outbreak of Covid-19 has not just been a coronavirus pandemic, but also a cyberthreat pandemic. In April this year, the World Health Organisation reported a five-fold increase in cyberattacks since the beginning of the pandemic, with the Asia Pacific region experiencing a higher attack rate of 3% compared to 1.4% globally. The Cybersecurity Agency of Singapore also reported a 50% increase in cybercrimes in 2019.
Against this backdrop of a more vulnerable online environment, Mandiant Threat Intelligence - a division of cyber security firm FireEye - has developed a cutting-edge Software-as-a-Service (SaaS) platform to protect firms as they increasingly shift business operations online onto cloud platforms. With firms now experiencing a higher attack surface area due to greater prevalence of online remote working, a comprehensive, online cybersecurity platform is more important than ever to combat cyberthreats.
Known as Mandiant Advantage, the platform combines Mandiant Threat Intelligence with data from the frontlines of Mandiant’s industry-leading cyber incident response engagements. Via a user-friendly interface, users are able to access relevant and timely critical threat intelligence to their organisations.
This move comes on the back of an increasing shift on FireEye’s part to offer, via Mandiant, a more comprehensive suite of controls agnostic cyber security solutions. On September 15, FireEye announced the formation of Mandiant Solutions, integrating FireEye’s Threat Intelligence arm (Mandiant Threat Intelligence) and Verodin, now Mandiant Security Validation with Mandiant’s existing Consulting and Managed Defence services to offer clients a more integrated response to cyberthreats.
“For years, Mandiant Threat Intelligence has led the industry with the highest quality reporting that comprehensively details the threat environment, enabling organizations to prioritize threats and manage cyber security risk,” says Sandra Joyce, executive vice president of Mandiant Threat Intelligence at FireEye.
“We are now making emerging intelligence accessible to all defenders as it is discovered, regardless of the technology they have deployed,” she adds.
Cyberwarfare can happen quickly and unpredictably. Having the most updated intelligence is key. Mandiant Advantage provides organizations with information on active threats as they emerge, providing them with more immediate and direct access to underlying data.
On top of detailed threat intelligence reports by Mandiant’s team of 300 intelligence analysts, users can now observe cyber security trends through a colour-coded interface that provides actionable threat intelligence in real-time. Firms can thus make a more rapid and data-driven response to cyberattacks, empowering them to take a more proactive approach to cybersecurity.
At a more strategic level, Mandiant Advantage also boasts a “rogue’s gallery” of bad actor clusters and attack types. Mandiant Advantage shares detailed information on malware and bad actors including target industries and regions as well as related malware used. The interface also allows users to easily create a colour-coded heat map comparing the modus operandi of cyberthreats. This information can be accessed easily on web-based platforms through a browser plug-in.
“Lots of vendors say that they have the leading threat intelligence, however, the focus is typically on inputs,” adds Chris Kissel, research director, worldwide security & trust products at IDC. “By consolidating expertise backed products and services under Mandiant, customers get a vendor agnostic view into the effectiveness of outcomes,” he adds. Going forward, the team aims to improve the customisability of Mandiant Advantage to serve the bespoke needs of individual clients.
FireEye does not intend for Mandiant Advantage to remain the sole preserve of larger and wealthier firms.
The firm is offering its basic user interface and basic news analysis free-of-charge, and users can then add on paid services such as vulnerability risk analysis and technical research findings for a price with the Security Operation and Fusion packages.
By doing so, says Jayce Nichols, vice president, threat intelligence, smaller firms without bespoke threat analysts are often better served by Mandiant Advantage’s real-time interface as opposed to traditional intelligence reports.
Ultimately, the key advantage of Mandiant Advantage remains the sheer depth of FireEye’s database and experience with countering cyberthreats, says Nichols. “We are conducting hundreds of incident response engagements and spending hundreds of thousands of hours every single year responding to breaches. That is insight that most other competitors do not have,” he says.
