Blog

Mandiant Is a Forrester Wave™ Cybersecurity Incident Response Leader

Nicholas Hornick, Jennifer Guzzetta
Mar 28, 2022
3 mins read
Incident Response
Mandiant

Mandiant was recently named a leader in The Forrester Wave™: Cybersecurity Incident Response Services, Q1 2022 report. Forrester identified 13 top companies in this space. Mandiant was recognized as a leader based on market presence, strategy, and current offering.  

Cybersecurity incident response involves so much more than just response. Taking incident response actions is often just the beginning because the work of rebuilding trust with key both internal and external stakeholders post-breach is equally as important for building future security and maturity in every organization.

In this 24-point criterion evaluation, Forrester grouped its criteria into three high-level categories:

  1. Strength of current offering: Incident preparation and simulation services, post-incident reporting and support, integration of legal and regulatory considerations into the incident response (IR) process and lifecycle, response and investigative capabilities in cloud and operational technology (OT)/industrial control systems (ICS) environments, and approach to talent management and IR team leadership and team structure.
  2. Strategy: Incident response vision, execution roadmap and planned enhancements, go-to-market approach, performance, and supporting products and services.
  3. Market Presence: Incident response-specific global revenue, and the number of incidents in the past 12 months in which the provider acted as lead investigator.

Forrester’s analysis uncovered and stated that Mandiant is CISO-tested, board-approved, and still very much Mandiant, even after its divestiture from FireEye back in 2021. That’s quite the compliment!

Forrester recognized that Mandiant offers integrations with key detection and response tools and other investigation inputs to make the most of a client’s existing environment. By the same token, Mandiant also pulls from an armory of battle-tested proprietary solutions, including its newly acquired attack surface management offering.

Mandiant was also cited for its expertise in advising a boardroom, but that doesn’t stop with executive clients—Mandiant also endeavors to share its frontline experience, when possible, with the broader cybersecurity, law enforcement, and legislative communities. Mandiant is known for superior, global threat intelligence and deep experience in finding sophisticated attackers. These capabilities have enabled Mandiant to evolve its incident response practices that reflect the changing nature of breach-related regional litigation and insurance requirements.

The Forrester report noted that its Mandiant Academy prepares customer teams for the front line while its cyber range truly puts more mature teams to the test.

Customer references laud Mandiant’s ability to seamlessly move from the SOC to the boardroom with its executive education and tabletop engagements. The report also recognizes its post-breach support in the form of tailored reporting, ongoing monitoring, and validation of controls against attacker tactics to prevent reentry.

Forrester encourages security and risk professionals to evaluate Mandiant when looking for a provider that is fluent in both technical and executive communication and serve as a partner in simulating and solving complex breach and attack scenarios.

Learn more about Forrester’s perspective on key requirements of incident response services and a detailed overview of Mandiant’s capabilities in this area by downloading the Q1 2022 report.

Explore Mandiant’s most popular incident response services delivered by frontline experts, along with our new guide to effectively activating cyber defenses with The Defender’s Advantage.