M-unition -

Combining Intel Forces to Fight the Bad Guys

By on January 31, 2014

What’s the best way to get intelligence analysts to geek out? Let them sink their teeth into new piles of data! And that’s exactly what’s been happening here since the FireEye™ and Mandiant® intelligence teams joined forces. Our intel teams have been busy with show-and-tell, talking about the threat groups we’re tracking and their latest tactics. We’ve been swapping best practices and peeking behind the curtain at the vast repositories of data and experience both have amassed.

Our two companies bring a lot to the table when it comes to threat intel and its applications. FireEye recently published a blog post titled, “Getting Smart about Threat Intelligence.” In the post, they talk about the different types and sources of threat intelligence. FireEye and Mandiant collect intelligence on, and apply intelligence to, their products and services in complementary ways.

Mandiant, by virtue of our wealth of experience in incident response, has tremendous insight into how threat actors behave when they’re in a victim’s environment and on the host. Our lens is most focused on tracking threat actors and rooting them out. As a result of this particular focus, we’ve amassed years’ worth of data and knowledge on how malicious actors operate once they have gotten in the door. We know how they maneuver, what they target, and what’s been stolen. From this, we can make meaningful statements about the impacts of breaches and surrounding business risks that make companies vulnerable to cyber targeting.

FireEye focuses on detection capabilities in an earlier part of the kill chain. They too have a robust understanding of the array of threats impacting their customers across private sector companies, government agencies, and global enterprises. FireEye sees threat behavior that we may not see, and vice versa. Their worldwide footprint and ability to monitor different attack surfaces amplifies our intelligence, and ultimately our ability to understand, predict, and thwart the bad guys.

As a result of joining forces, we understand the threats that face our customers from soup to nuts — from identifying the exploit, spear phish or strategic web compromise, to recognizing the signs of lateral movement, understanding the breadth of data theft, and communicating the business risks posed by determined adversaries.

Combined, we can identify and stop threats more quickly, deftly communicate risks to our customers’ networks with greater detail and context, and limit the consequences of malicious activity. Our pairing – both from an analytic standpoint and a visibility perspective — also makes some data-loving, wonky intel analysts very, very happy!

Category: The Armory


    Leave a Comment

Get M-Unition in Your Inbox:

Follow @mandiant

Follow @mandiant on twitter.

Career Opps @ Mandiant

We’re growing fast, but we’re as demanding as ever. Our clients come to us in their hours of need, so we need the best. That means more than just the right education and the right experience in information security.

As Mandiant continues to grow, we are able to offer certain positions in multiple locations. For details on the location(s) of each opening, please refer to the position descriptions.

Click here to view available positions.