Home > News > featured news > Mandiant Recognized as a Large Provider of Cyber Security Incident Response Services by Independent Research Firm

SOFTWARE SECURITY

Mandiant Recognized as a Large Provider of Cyber Security Incident Response Services by Independent Research Firm

Mandiant | December 03, 2021

Mandiant-Recognized-min
-Mandiant, Inc. the leader in dynamic cyber defense and response, today announced its inclusion in the new Forrester report “Now Tech: Cybersecurity Incident Response Services, Q4 2021.” The report provides an overview of 36 cyber security incident response vendors segmented by capabilities, size, vertical focus and geographic footprint. The purpose of the report is to help security leaders better understand the value organizations can expect from incident response vendors and make more informed procurement decisions.

Since 2004, Mandiant has been at the forefront of cyber security and cyber threat intelligence, enabling a deep understanding of both existing and emerging threat actors, as well as their rapidly changing tactics, techniques and procedures. Its expertise derived from more than 200,000 hours responding to attacks per year as well as its proven track record of working on large and highly publicized incidents uniquely qualifies the company to assist clients with all aspects of an incident response—from technical response to crisis management. With Mandiant, organizations can confidently investigate and remediate incidents faster and more efficiently, allowing them to quickly get back to what matters most—their business.

“In today’s ever-evolving threat environment, it’s not a question of if an organization will become a target of a cyber attack, but rather when,And with attacks becoming more sophisticated, speed to detection and remediation are key to ensuring business continuity. Mandiant services combined with our cyber security SaaS platform—Mandiant Advantage—enable early threat insights, ensuring our customers can quickly identify, respond to and defend against cyber threats.”

Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant

About Mandiant, Inc.
Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.

Spotlight

Cisco Secure Drives Security Resilience

Cisco Security Cloud is the one solution to help you be resilient across your network, users, clouds and apps. You'll be able to see across the multicloud environments, anticipate what’s next, take the right action, close security gaps, and more.

More featured news

Spotlight

Cisco Secure Drives Security Resilience

Cisco Security Cloud is the one solution to help you be resilient across your network, users, clouds and apps. You'll be able to see across the multicloud environments, anticipate what’s next, take the right action, close security gaps, and more.

Related News

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

SOC Prime Launches Integration with Amazon Security Lake to Supercharge Security Operations

Businesswire | May 31, 2023

SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced its integration with Amazon Security Lake, the AWS security service that enables organizations to automatically centralize security data from the cloud, on-premises, and custom data sources into a purpose-driven data lake stored in their account. SOC Prime drives a transformational change in cybersecurity relying on zero-trust & multi-cloud approach to empower smart data orchestration, dynamic attack surface visibility, and cost-efficient threat hunting. Backed by its advanced cybersecurity solutions, Uncoder AI, Attack Detective, and The Prime Hunt, SOC Prime enables organizations to boost their cyber defense capabilities at scale, unleashing the power of Amazon Security Lake. Leveraging SOC Prime’s Uncoder AI, an Augmented Intelligence framework, security teams can save development time and migration costs with re-usable threat hunting queries automatically convertible to Amazon Athena and OpenSearch in the standard Open Cybersecurity Schema Framework (OSCF) format. SOC Prime’s Attack Detective tool intelligently and automatically queries security logs in the customer's Amazon Security Lake account via Amazon Athena and Amazon OpenSearch to identify data sources and then scan them in real time with a curated set of threat hunting queries. By leveraging Attack Detective, security engineers can channel their efforts directly into incident investigation rather than analyzing overwhelming volumes of alerts and accelerate threat research by validating over 10,000 adversary behaviors against the stored log sources in a matter of hours. Attack Detective follows core Zero-Trust Architecture (ZTA) principles segregating the data plane and control plane to ensure that no SIEM or EDR access credentials are shared or inherited within the Company profile. The tool provides complete threat visibility based on the organization-specific logs by linking and correlating with SIEM and EDR on-premises data in its native location without the need to migrate it to the cloud, which contributes to significant cost savings and ensures compliance with zero-trust basic tenets. Adding to investment optimization capabilities, The Prime Hunt open-source browser extension enables security professionals to extract valuable data from large datasets at a lower cost. Users can seamlessly run threat hunting queries on security logs within the Amazon Security Lake account via a web browser in both Athena and OpenSearch and automatically identify accounts and assets affected by the suspected activity. About SOC Prime Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Blackpoint Launches New Product Expanding Security Ecosystem

Prnewswire | May 26, 2023

Blackpoint Cyber, the elite technology-focused cybersecurity company providing its streamlined security suite via managed service providers (MSPs), announced today the launch of its newest product, Managed Application Control, continuing Blackpoint's investment in building out the most comprehensive MSP security ecosystem available. The new solution goes beyond traditional approaches to application control, simplifying security management and improving productivity for MSPs and the businesses they serve. Threat actors often evade endpoint protection systems by "living off the land," or misusing legitimate IT tools native to the target environment. Managed Application Control protects from these attacks with a uniquely curated, constantly updated block list of applications by Blackpoint's threat intelligence team. The approach stands in contrast to pure zero-trust or deny-all methods of application control, which produce operational bottlenecks. With Managed Application Control, organizations can still create custom rules and allow exceptions. But with Blackpoint's newest offering, IT administrators can reduce time spent on allowlists and endless verification requests. "Our team knows the attacker tradecraft, so introducing another layer of security to our already robust ecosystem through Managed Application Control, at no additional cost, just makes sense," said Jon Murchison, CEO and founder of Blackpoint Cyber. "Protecting our partners and their customers is our primary goal, and we are committed to providing MSPs with an easily accessible bundle of solutions. It comes down to providing our partners with the most value on the market, including this new product, so they can protect their customers and focus on their margins and operations. It's extra productivity with no extra cost." Blackpoint's team of top-tier experts and products focus on blocking risky and malicious applications. When an application is blocked, Blackpoint's security operations center (SOC) intervenes to investigate and stop any intrusion attempts, providing unparalleled protection and peace of mind for MSPs and their clients. "At Blackpoint, we have always focused on threat actor mentality so we can stop threats as early in the attack cycle as possible," said David Rushmer, director of Blackpoint Cyber's Adversary Pursuit Group. "With Managed Application Control, the ability to dynamically respond to potential intrusions across the threat landscape means improved protection for our customers." The offering is the latest addition to Blackpoint Response, a packaged bundle of integrated cybersecurity solutions that includes Managed Detection and Response (MDR), Managed Defender for Endpoint, Vulnerability Management, and Cloud Response for a unified defense against cyber threats. ABOUT BLACKPOINT CYBER Blackpoint Cyber offers a world-class, nation-state-grade cybersecurity ecosystem serving the MSP community. Using its own software and Security Operations Center (SOC), Blackpoint's true 24/7 Managed Detection & Response (MDR) service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep MSPs and their clients' networks safe from widespread damage.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Dashlane Introduces Passwordless Login

Businesswire | May 08, 2023

Dashlane, the security-first password manager, today introduced Passwordless Login, a technology that eliminates the need to create a master password to access Dashlane. The company was the first password manager to offer an extension that supports passkeys and this is the next step in that evolution. With Passwordless Login, users will be able to securely access their Dashlane account without having to create and remember a single password. As digital profiles have multiplied both professionally and personally, it’s become increasingly difficult to securely manage credentials. Gartner reported that as many as 20-50% of all helpdesk calls are related to password resets. Password managers have helped simplify this process, though users have still needed to create and remember a master password to access their vaults. By eliminating the master password, Dashlane will empower users to create new phishing-resistant, passwordless accounts that don’t suffer from the vulnerabilities of traditional passwords and multifactor authentication (MFA). Not only does this strengthen overall security posture, it removes user friction and provides a more accessible way for people to access their accounts and protect their personal information. “Our business has long been about helping users and organizations manage their passwords and logins. But the digital password was born in the 1960s and despite technological advancements, many people still use the same username and password format for most of their online lives,” said John Bennett, CEO at Dashlane. “While our business model has relied on users having one strong, unique master password, it’s still a password that can be weak, reused, phished, or breached. Unveiling today’s passwordless technology marks a significant milestone in our journey towards a future with no passwords.” By relying on the strength of local device security, which includes PINs and biometrics, Dashlane is able to securely authenticate and provide access to a user’s encrypted vault, which allows Dashlane to be resistant to phishing attacks. Additionally, Dashlane uses cryptographic keys generated with Elliptic-curve Diffie-Hellman (ECDH) to assist with securely exchanging secrets between devices, making setting up a new device fast and secure and regaining access simple. Dashlane is introducing a new mechanism to let users recover their data if they lose their device. This new Dashlane Account Recovery Key will also be made available to our existing users who still use a master password to log in to Dashlane. Dashlane’s Passwordless Login is a cross-platform solution that is agnostic to the state of a user’s hardware and software. The technology also enables: Faster device setup flow using a registered device The ability to set up device-specific PIN codes and biometrics (like fingerprint or facial recognition) to create an account on a mobile iOS or Android device The ability to regain access to an account with a recovery key, in the event of a total device loss Dashlane recently became a board-level member of the FIDO Alliance, doubling down on its commitment to work with industry partners to advance the passwordless future through the widespread adoption of passkeys and phishing-resistant authentication. New Dashlane users will be able to sign up for an account without a master password in the coming months on their mobile device, and the capability will be rolled out to existing customers later this year. For more information on Passwordless Login for Dashlane and to see a demo of how the experience will work, please visit Dashlane’s Passwordless hub. About Dashlane Dashlane is a password management solution that removes complexity by pairing comprehensive security with ease of use. We are closely attuned to the needs of our users, balancing simple tools with an uncompromising approach to security–a game changer for anyone, but especially for IT admins working to secure their organization. Our team in Paris, New York, and Lisbon is united by a strong sense of community and passion for improving the digital experience. Over 18 million users and 20,000 businesses globally use Dashlane for a faster, simpler, and more secure internet.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY, CLOUD SECURITY

SOC Prime Launches Integration with Amazon Security Lake to Supercharge Security Operations

Businesswire | May 31, 2023

SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced its integration with Amazon Security Lake, the AWS security service that enables organizations to automatically centralize security data from the cloud, on-premises, and custom data sources into a purpose-driven data lake stored in their account. SOC Prime drives a transformational change in cybersecurity relying on zero-trust & multi-cloud approach to empower smart data orchestration, dynamic attack surface visibility, and cost-efficient threat hunting. Backed by its advanced cybersecurity solutions, Uncoder AI, Attack Detective, and The Prime Hunt, SOC Prime enables organizations to boost their cyber defense capabilities at scale, unleashing the power of Amazon Security Lake. Leveraging SOC Prime’s Uncoder AI, an Augmented Intelligence framework, security teams can save development time and migration costs with re-usable threat hunting queries automatically convertible to Amazon Athena and OpenSearch in the standard Open Cybersecurity Schema Framework (OSCF) format. SOC Prime’s Attack Detective tool intelligently and automatically queries security logs in the customer's Amazon Security Lake account via Amazon Athena and Amazon OpenSearch to identify data sources and then scan them in real time with a curated set of threat hunting queries. By leveraging Attack Detective, security engineers can channel their efforts directly into incident investigation rather than analyzing overwhelming volumes of alerts and accelerate threat research by validating over 10,000 adversary behaviors against the stored log sources in a matter of hours. Attack Detective follows core Zero-Trust Architecture (ZTA) principles segregating the data plane and control plane to ensure that no SIEM or EDR access credentials are shared or inherited within the Company profile. The tool provides complete threat visibility based on the organization-specific logs by linking and correlating with SIEM and EDR on-premises data in its native location without the need to migrate it to the cloud, which contributes to significant cost savings and ensures compliance with zero-trust basic tenets. Adding to investment optimization capabilities, The Prime Hunt open-source browser extension enables security professionals to extract valuable data from large datasets at a lower cost. Users can seamlessly run threat hunting queries on security logs within the Amazon Security Lake account via a web browser in both Athena and OpenSearch and automatically identify accounts and assets affected by the suspected activity. About SOC Prime Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Blackpoint Launches New Product Expanding Security Ecosystem

Prnewswire | May 26, 2023

Blackpoint Cyber, the elite technology-focused cybersecurity company providing its streamlined security suite via managed service providers (MSPs), announced today the launch of its newest product, Managed Application Control, continuing Blackpoint's investment in building out the most comprehensive MSP security ecosystem available. The new solution goes beyond traditional approaches to application control, simplifying security management and improving productivity for MSPs and the businesses they serve. Threat actors often evade endpoint protection systems by "living off the land," or misusing legitimate IT tools native to the target environment. Managed Application Control protects from these attacks with a uniquely curated, constantly updated block list of applications by Blackpoint's threat intelligence team. The approach stands in contrast to pure zero-trust or deny-all methods of application control, which produce operational bottlenecks. With Managed Application Control, organizations can still create custom rules and allow exceptions. But with Blackpoint's newest offering, IT administrators can reduce time spent on allowlists and endless verification requests. "Our team knows the attacker tradecraft, so introducing another layer of security to our already robust ecosystem through Managed Application Control, at no additional cost, just makes sense," said Jon Murchison, CEO and founder of Blackpoint Cyber. "Protecting our partners and their customers is our primary goal, and we are committed to providing MSPs with an easily accessible bundle of solutions. It comes down to providing our partners with the most value on the market, including this new product, so they can protect their customers and focus on their margins and operations. It's extra productivity with no extra cost." Blackpoint's team of top-tier experts and products focus on blocking risky and malicious applications. When an application is blocked, Blackpoint's security operations center (SOC) intervenes to investigate and stop any intrusion attempts, providing unparalleled protection and peace of mind for MSPs and their clients. "At Blackpoint, we have always focused on threat actor mentality so we can stop threats as early in the attack cycle as possible," said David Rushmer, director of Blackpoint Cyber's Adversary Pursuit Group. "With Managed Application Control, the ability to dynamically respond to potential intrusions across the threat landscape means improved protection for our customers." The offering is the latest addition to Blackpoint Response, a packaged bundle of integrated cybersecurity solutions that includes Managed Detection and Response (MDR), Managed Defender for Endpoint, Vulnerability Management, and Cloud Response for a unified defense against cyber threats. ABOUT BLACKPOINT CYBER Blackpoint Cyber offers a world-class, nation-state-grade cybersecurity ecosystem serving the MSP community. Using its own software and Security Operations Center (SOC), Blackpoint's true 24/7 Managed Detection & Response (MDR) service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep MSPs and their clients' networks safe from widespread damage.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Dashlane Introduces Passwordless Login

Businesswire | May 08, 2023

Dashlane, the security-first password manager, today introduced Passwordless Login, a technology that eliminates the need to create a master password to access Dashlane. The company was the first password manager to offer an extension that supports passkeys and this is the next step in that evolution. With Passwordless Login, users will be able to securely access their Dashlane account without having to create and remember a single password. As digital profiles have multiplied both professionally and personally, it’s become increasingly difficult to securely manage credentials. Gartner reported that as many as 20-50% of all helpdesk calls are related to password resets. Password managers have helped simplify this process, though users have still needed to create and remember a master password to access their vaults. By eliminating the master password, Dashlane will empower users to create new phishing-resistant, passwordless accounts that don’t suffer from the vulnerabilities of traditional passwords and multifactor authentication (MFA). Not only does this strengthen overall security posture, it removes user friction and provides a more accessible way for people to access their accounts and protect their personal information. “Our business has long been about helping users and organizations manage their passwords and logins. But the digital password was born in the 1960s and despite technological advancements, many people still use the same username and password format for most of their online lives,” said John Bennett, CEO at Dashlane. “While our business model has relied on users having one strong, unique master password, it’s still a password that can be weak, reused, phished, or breached. Unveiling today’s passwordless technology marks a significant milestone in our journey towards a future with no passwords.” By relying on the strength of local device security, which includes PINs and biometrics, Dashlane is able to securely authenticate and provide access to a user’s encrypted vault, which allows Dashlane to be resistant to phishing attacks. Additionally, Dashlane uses cryptographic keys generated with Elliptic-curve Diffie-Hellman (ECDH) to assist with securely exchanging secrets between devices, making setting up a new device fast and secure and regaining access simple. Dashlane is introducing a new mechanism to let users recover their data if they lose their device. This new Dashlane Account Recovery Key will also be made available to our existing users who still use a master password to log in to Dashlane. Dashlane’s Passwordless Login is a cross-platform solution that is agnostic to the state of a user’s hardware and software. The technology also enables: Faster device setup flow using a registered device The ability to set up device-specific PIN codes and biometrics (like fingerprint or facial recognition) to create an account on a mobile iOS or Android device The ability to regain access to an account with a recovery key, in the event of a total device loss Dashlane recently became a board-level member of the FIDO Alliance, doubling down on its commitment to work with industry partners to advance the passwordless future through the widespread adoption of passkeys and phishing-resistant authentication. New Dashlane users will be able to sign up for an account without a master password in the coming months on their mobile device, and the capability will be rolled out to existing customers later this year. For more information on Passwordless Login for Dashlane and to see a demo of how the experience will work, please visit Dashlane’s Passwordless hub. About Dashlane Dashlane is a password management solution that removes complexity by pairing comprehensive security with ease of use. We are closely attuned to the needs of our users, balancing simple tools with an uncompromising approach to security–a game changer for anyone, but especially for IT admins working to secure their organization. Our team in Paris, New York, and Lisbon is united by a strong sense of community and passion for improving the digital experience. Over 18 million users and 20,000 businesses globally use Dashlane for a faster, simpler, and more secure internet.

Read More

More featured news