FireEye

Mandiant Red Team Operations from FireEye

Test how well your people, processes and technology protect your most critical assets
Value Proposition

Problem

Organizations can greatly improve their security by rethinking it from the perspective of an attacker trying to gain access to their most critical assets (data, people and systems).

Solution

Red Teaming for Security Operations is designed to test both your organization’s security posture and the capabilities of your internal security team. This is accomplished by using a realistic scenario before an attacker breaches your environment and potentially causes unwanted headlines. Red Teaming for Security Operations focuses on the prevention, detection and response capabilities of your internal security team. An incident responder works with your security team to help detect the red team while the assessment is in progress and to advise on appropriate response tactics if activity is detected. Once the assessment is completed, members of the red team and the embedded incident responder work with your internal security team to build a plan to enhance prevention, detection and response to future attacks.

Main Activities

  • Identify objectives and rules of engagement [i.e. white box versus black box]: Using a realistic scenario prior to an attacker breaching your environment, with a focus on evaluating prevention, detection and response capabilities of your internal security team.
  • The red team attempts to breach your environment, maintain persistence, escalate privileges, obtain access to key systems, generate fake data that emulates sensitive production data and simulate data theft [non-disruptive, non-damaging tactics]
  • Incident responder works with your security team to help detect the red team while the assessment is in progress and to advise on appropriate response tactics if activity is detected
  • Technical details with step-by-step information that allows you to recreate our findings
  • Summary for executives and senior-level management
  • Fact-based risk analysis so you know a critical finding is relevant to your environment
  • Tactical recommendations for immediate improvement
  • Strategic recommendations for longer-term improvement
Key Differentiators
  • Invaluable experience responding to a real-world incident without the pressure of a potential headline-causing breach
  • Mandiant is a trusted advisor to organizations globally with over 10 years of experience dealing with advanced threat actors from around the world
  • We support organizations during the most critical times after a security breach has been identified and proactively help them improve their detection, response and containment capabilities
  • Our Red Team Operations leverage our deep knowledge of advanced persistent threats and attacker behavior
  • We seek to achieve a predetermined set of objectives by simulating the tools, tactics and procedures (TTPs) of real-world attackers
Customers

References

Undisclosed
