Features

MITRE ATT&CK framework mapping

Assess if your security tools and processes will effectively protect your organization against real-world targeted attacks. Mandiant frontline intelligence from the latest incident response engagements provides the latest adversary tactics, techniques, and procedures (TTPs), and maps to commonly used techniques and frameworks, such as MITRE ATT&CK and NIST.

Automated environmental drift detection and alerting

Advanced Environmental Drift Analysis (AEDA) empowers you to continuously test your environment for both historical and new threats, providing timely alerts for any defensive regressions.

Real-world attack emulation

Emulation goes beyond breach and attack simulation (BAS). Protected Theater enables you to safely run destructive endpoint tests. It also enables you to run email-based tests onsite or in the cloud with the Cloud Validation Module (CVM). Then, assess your entire attack surface for human faults to your digital estate.

How It Works

Deploy the "director" and "agents" (or "actors") to a SIEM, EDR, DLP, or any other security control. The director acts as the brains of the operation, providing emulation content to the agents, which perform configuration verification and automated security control testing.

Mandiant Security Validation UI image featuring the Effectiveness Gauges, which provide a visual of how the tested security controls have performed against emulated tactics, techniques, and procedures (TTPs).

Common Uses

Test network, endpoint, email controls

Put the efficacy of your security controls to the test and continually monitor for risks in firewalls, IDS/IPS, proxy servers, DLP, EDR, and uncorrelated SIEM events. Provide guidance for improvement of security controls implementations and automatically detect environmental drift to ensure those improvements are maintained over time.

    Put the efficacy of your security controls to the test and continually monitor for risks in firewalls, IDS/IPS, proxy servers, DLP, EDR, and uncorrelated SIEM events. Provide guidance for improvement of security controls implementations and automatically detect environmental drift to ensure those improvements are maintained over time.

      Test for human error

      Running multiple systems on multiple environments brings complexity. Handling an ever-growing amount of threats brings fatigue and inconsistency. Find human errors in configurations, settings, and inconsistent testing scenarios.

        Running multiple systems on multiple environments brings complexity. Handling an ever-growing amount of threats brings fatigue and inconsistency. Find human errors in configurations, settings, and inconsistent testing scenarios.

          Mitigate acquisition risk

          During the due diligence period of acquisitions and mergers, use Security Validation to ensure there are no gaps or critical misconfigurations in your target acquisition’s posture and security controls, and to resolve any that may be identified.

            During the due diligence period of acquisitions and mergers, use Security Validation to ensure there are no gaps or critical misconfigurations in your target acquisition’s posture and security controls, and to resolve any that may be identified.

              Pricing

              How pricing worksMandiant Security Validation pricing starts with the “director” (the base platform), then it is priced based on the number of “actors” (agents) deployed. Add-on features are available.
              SubscriptionDescriptionPrice

              SaaS module

              Measure security control effectiveness using real-world emulated attacks.

              Connect with sales to discuss tailored enterprise pricing. 

              How pricing works

              Mandiant Security Validation pricing starts with the “director” (the base platform), then it is priced based on the number of “actors” (agents) deployed. Add-on features are available.

              SaaS module

              Description

              Measure security control effectiveness using real-world emulated attacks.

              Price

              Connect with sales to discuss tailored enterprise pricing. 

              GET A DEMO

              See Mandiant Security Validation in action.

              TALK TO SALES

              Contact us today to explore Mandiant Security Validation.

              Learn about Mandiant Security Validation

              Talk with the experts

              Need more information?

              Learn how to emulate real-world attacks

              Ransomware repurposing

              MITRE ATT&CK mapping

              FAQ

              What are the outcomes of security validation?

              Data captured by Security Validation enables security teams to identify gaps, misconfigurations, redundancies, lack of accurate SIEM correlation and alerting within a security program, and opportunities for continuous optimization and measurements of improvement over time.

              - Evidence of security effectiveness (security infrastructure health)

              - Demonstrated value of security investments (spend rationalization)

              - Quantitative reporting to executives and non-technical stakeholders

              - Security framework assessments (MITRE ATT&CK Framework or NIST)

              - Technology evaluations

              - Operationalization of threat intelligence and threat actor assurance

              - Advanced malware and ransomware defense validation

              - Mergers and acquisitions

              - Cloud controls validation

              Security Validation leverages timely threat intelligence and automated, continuous testing of security controls using real-world attack simulations. This approach can provide quantifiable insight into security control performance under attack, enabling the identification of gaps, misconfigurations, and areas for improvement to continuously optimize security defenses against the most relevant threats.

              Yes, Mandiant Security Validation can safely test an organization’s ability to detect or prevent malware and ransomware attacks.

              Make Google part of your security team
              Google Cloud
              • ‪English‬
              • ‪Deutsch‬
              • ‪Español‬
              • ‪Español (Latinoamérica)‬
              • ‪Français‬
              • ‪Indonesia‬
              • ‪Italiano‬
              • ‪Português (Brasil)‬
              • ‪简体中文‬
              • ‪繁體中文‬
              • ‪日本語‬
              • ‪한국어‬
              Console
              Google Cloud