Cyber Defense Assessment

Assess your ability to effectively detect and respond to evolving cyber attacks


The Cyber Defense Assessment is designed for organizations looking to build a new cyber defense function from the ground up, enhance their existing processes and supporting technology, and effectively measure their program performance against persistent and sophisticated real-world attacks.

Ultimately, the goal is to advance your organization’s cyber defense posture.

Mandiant delivers this assessment by performing the following actions backed by industry best practices and frontline expertise:

  • Documentation review of incident response, threat hunting, and threat intelligence plans and playbooks
  • Cyber defense workshops and skills matrix exercises with internal stakeholders to understand existing people, process, and technology capabilities
  • Analysis of critical log samples to validate configurations for effective threat detection and response
  • Tabletop exercises to assess end-to-end response actions and incident-related decision-making
  • Simulated attacks to assess the effectiveness of threat detection controls mapped against the MITRE ATT&CK framework

Service Objectives

  • Evaluate your cyber defense program across the six foundational functions
  • Customize engagement delivery to meet your organization’s specific needs through a tiered service model
  • Identify your cyber defense capability weaknesses and program gaps based on frontline experience
  • Understand how to improve your organization’s overall detection and prevention capabilities against today’s evolving threat actors
  • Build or enhance your organization’s cyber defense program to achieve security resilience


  • Detailed listing of recommendations to implement as you build or improve your cyber defense program
  • Technical briefing
  • Actionable roadmap of prioritized initiatives for recommended execution of improvements (Tier II and Tier III)
  • Executive briefing (Tier II and Tier III)

A Stronger Security Posture

The Cyber Defense Assessment reviews key elements of the six critical functions of cyber defense which have been identified as foundational blocks for an effective security program. Each of these six functions, associated with different cyber defense processes, tasks, technologies, and responsibilities, are thoroughly assessed and then validated by Mandiant consultants.


Threat Intelligence









Command and Contol

Command and Control

Since organizations differ in size, maturity, and business goals, Mandiant’s Cyber Defense Assessment is tailored to each organization’s specific needs through a tiered service model. Completion of the engagement typically takes four to six weeks.

For more on the six critical functions of cyber defense, read the Defender’s Advantage.

The Defender’s Advantage

Take command and galvanize your defender’s advantage by establishing and properly orchestrating effective cyber defenses. This allows your organization to identify malicious activity, detect and respond to compromise and validate the effectiveness of controls and operations against active threats.