Threat Landscape

Attackers Get Through Conventional Safeguards Every Day

Malware Only Tells Half of the Story

When your defenses are circumvented, you want to be the first to know. To respond, you need evidence of the compromise. While malware is an element, 46% of compromised machines have no malware on them. To scope and combat targeted attacks, you need to find all evidence of compromise.

  • Unauthorized Use of Valid Accounts

  • Trace Evidence & Partial Files

  • Command & Control Activity

  • Known & Unknown Malware

  • Suspicious Network Traffic

  • Valid Programs Used for Evil Purposes

  • Files Accessed by Attackers

Evidence Of Compromise. It’s Much More Than Malware.

It's a "Who", Not a "What": Targeted Attackers Are Professional, Organized & Well-Funded.

When a determined attacker has targeted you, they can be relentless. They pick their targets for a reason. They know what they are looking for, and they move with lightning speed to get what they want.

Anatomy of an Attack

Attackers target human vulnerabilities to steal your data.

Provides Actionable Analysis of Attacker Activity

Analysts investigate incidents promptly, classify the risk, provide details on what is happening and recommend how to contain the threat.

The Facts Speak for Themselves

There is no such thing as perfect security. Attackers get smarter and change tactics all the time. Companies that have made responsible and sustained investments in IT continue to be compromised.

  • 100% of victims have up-to-date anti-virus software
  • 63% of breaches are reported by third parties
  • 243: median number of days advanced attackers are on the network before being detected
  • 100% of breaches involved stolen credentials

Different Threat Actors Have Different Motivations... And Tactics

To combat advanced attackers, you need to know what they are looking for and how they operate. Mandiant understands the threats you face because we’re on the front lines every day.

Nuisance Threats
Objective: Launch Points & Nuisance
Examples
  • Botnets
  • Spam
Characteristics
  • Neither targeted nor persistent.
Targets
  • Anyone, including individuals, small companies and large enterprises.

Economic Espionage
Objective: Economic Advantage
Examples
  • Advanced Persistent Threat
Characteristics
  • Targeted, Persistent
Targets
  • Virtually any industry with an emphasis on blue chip companies.

Organized Crime
Objective: Economic Advantage
Examples
  • Advanced Persistent Threat
Characteristics
  • Targeted, Persistent
Targets
  • Virtually any industry with an emphasis on blue chip companies.

Hacktivists
Objective: Defamation & Public Policy
Examples
  • Anonymous
  • LulzSec
Characteristics
  • Targeted
Targets
  • Any organization.