Cyber Defense Assessment

The Cyber Defense Assessment is designed for organizations looking to build a new cyber defense function from the ground up, enhance their existing processes and supporting technology, and effectively measure their program performance against persistent and sophisticated real-world attacks.

Ultimately, the goal is to advance your organization’s cyber defense posture.

Mandiant delivers this assessment by performing the following actions backed by industry best practices and frontline expertise:

• Documentation review of incident response, threat hunting, and threat intelligence plans and playbooks
• Cyber defense workshops and skills matrix exercises with internal stakeholders to understand existing people, process, and technology capabilities
• Analysis of critical log samples to validate configurations for effective threat detection and response
• Tabletop exercises to assess end-to-end response actions and incident-related decision-making
• Simulated attacks to assess the effectiveness of threat detection controls mapped against the MITRE ATT&CK framework

• Evaluate your cyber defense program across the six foundational functions
• Customize engagement delivery to meet your organization’s specific needs through a tiered service model
• Identify your cyber defense capability weaknesses and program gaps based on frontline experience
• Understand how to improve your organization’s overall detection and prevention capabilities against today’s evolving threat actors
• Build or enhance your organization’s cyber defense program to achieve security resilience

• Detailed listing of recommendations to implement as you build or improve your cyber defense program
• Technical briefing
• Actionable roadmap of prioritized initiatives for recommended execution of improvements (Tier II and Tier III)
• Executive briefing (Tier II and Tier III)

The Cyber Defense Assessment reviews key elements of the six critical functions of cyber defense which have been identified as foundational blocks for an effective security program. Each of these six functions, associated with different cyber defense processes, tasks, technologies, and responsibilities, are thoroughly assessed and then validated by Mandiant consultants.

Since organizations differ in size, maturity, and business goals, Mandiant’s Cyber Defense Assessment is tailored to each organization’s specific needs through a tiered service model. Completion of the engagement typically takes four to six weeks.

For more on the six critical functions of cyber defense, read the Defender’s Advantage.