Join FireEye EMEA CTO David Grout for a first-hand look at the latest incident response metrics, attacker trends and behaviours, and case study highlights from the 2021 Mandiant M-Trends Report.

FireEye, Inc.  (NASDAQ: FEYE), the intelligence-led security company, today announced that it was recognized as a strong performer in the Forrester Research, Inc. report: “The Forrester Wave TM : Managed Detection and Response, Q1 2021.”

The latest M-Trends 2021 report is packed with data from Mandiant's frontline incident response experience and unparalleled threat intelligence into the most impactful breaches and attacker behaviors around the world. But there is a deeper story to be told.

Security Validation, Return threat actor intelligence, Attack Surface Management, Attack Surface Management uses the Mandiant Threat Intelligence API to ernich external assets and pull in confidence and risk rating, CVE vulnerability reports and more.

In the process of reviewing past performance and evidence, Mandiant also constantly looks forward, assessing expectations against real-world events. We gather our observations in the Cyber Security Forecast report (formerly Cyber Security Predictions).

Whilst continuing to constantly improve capabilities and features on our Mandiant Security Validation Platform, during this tech talk we will demonstrate to you all the new features and associated use cases we experienced with our customers and partners. This session will focus on Cloud Assessment, Reporting capabilities, and Intelligence integration.

Today, The Mandiant® Intelligence Center™ released an unprecedented report exposing APT1's multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen.

This blog post details the post-compromise tradecraft and operational tactics, techniques, and procedures (TTPs) of a Chinese espionage group we track as UNC215. While UNC215’s targets are located throughout the Middle East, Europe, Asia, and North America, this report focuses on intrusion activity primarily observed at Israeli entities.

On June 27, 2017, multiple organizations – many in Europe – reported  significant disruptions  they are attributing to a variant of the Petya ransomware, which we are calling “EternalPetya”. The malware was initially distributed through a compromised software update system and then self-propagated through stolen credentials and SMB exploits, including the  EternalBlue exploit  used in the  WannaCry  attack from May 2017.

"After analyzing the information that has been made available by affected power companies, researchers, and the media it is clear that cyber attacks were directly responsible for power outages in Ukraine. The SANS ICS team has been coordinating ongoing discussions and providing analysis across multiple international community members and companies. We assess with high confidence based on company statements, media reports, and first-hand analysis that the incident was due to a coordinated intentional attack."