“We’re beyond excited to bring our capabilities to the Mandiant Advantage platform, accelerating and greatly expanding our mission-driven team’s impact. I believe our combined capabilities will enable security teams to gain a significant edge against today’s threats.”

The acquisition of Intrigue is aligned with Mandiant’s strategy of scaling its expertise and intelligence gained on the frontlines of incident response to customers through technology. By offering Intrigue’s technology through the Mandiant Advantage platform, customers will be able to address critical gaps in their security programs by leveraging the latest attack surface management capabilities in an easy-to-use software-as-a-service (SaaS) platform.

The combination of Mandiant’s best-in-class intelligence and Intrigue’s powerful attack surface discovery capabilities delivers a deeper understanding of risk across multi-cloud, hybrid, and on-premise environments. This actionable insight gives organizations immediate visibility and understanding of their risk profile and the potential impact of the latest attacks on both them and their full supply chain. With this acquisition, Mandiant will expand its SaaS capabilities in conjunction with the other modules currently offered through its Mandiant Advantage platform: Mandiant Threat Intelligence, Security Validation and Automated Defense.

By coupling intelligence on the vulnerabilities that are being exploited by adversaries with visibility across the entire attack surface, Mandiant Advantage with Intrigue’s capabilities advances the ability of today’s overworked security teams to understand what assets they have, and where to prioritize activities as they seek to focus on the exposures that matter most right now.

“We are excited to welcome the Intrigue team to Mandiant. Intrigue is a strategic and immediately impactful addition to the Mandiant Advantage platform. Discovering and continuously monitoring the dynamic attack surface of a modern cloud-enabled organization is critical to assess risk and prioritize response,” said Colby DeRodeff, Chief Technology Officer, Mandiant Advantage. “Mandiant knows what adversaries are doing right now and what vulnerabilities they are currently exploiting. By combining this intelligence with the capabilities of Intrigue, we are rapidly evolving our customers’ ability to efficiently manage risk and prioritize their resources.”

“The vision of Intrigue is to provide continuous, in-depth visibility of organizations’ attack surface and risk,” said Jonathan Cran, Intrigue Founder and CEO prior to the acquisition. “We’re beyond excited to bring our capabilities to the Mandiant Advantage platform, accelerating and greatly expanding our mission-driven team’s impact. I believe our combined capabilities will enable security teams to gain a significant edge against today’s threats.”

For more details on this news, please visit https://www.fireeye.com/blog/products-and-services/2021/08/an-intriguing-update-to-mandiant-advantage.html.

Image licensed by pexels.com

Related News:

New Mandiant Services Help Organizations Balance Effective Cyber Security and Business Risk

Top 7 Tips for Implementing an Organizational Risk Management Strategy

The post Mandiant’s Attack Surface Management added to its SaaS Portfolio with the Acquisition of Intrigue appeared first on Digital IT News.

“When developing a corporate security strategy and program, it is imperative to identify the areas and assets with the highest business value and those with the most significant threats and vulnerabilities. Mandiant Cyber Risk Management Services are designed to balance business and technical considerations and provide executives with risk-based decision support,” said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting. “Mandiant brings unparalleled frontline expertise and analysis to help business leaders focus on running their businesses more securely by prioritizing their security investments to maximize risk reduction.”

The Cyber Risk Management Services offering incorporates Mandiant threat intelligence, incident response data, and proven risk methodologies to help organizations shine a light on where harmful risk exists. This allows business and security leaders to shift from a reactive security approach to a risk-based, informed program for better decision-making and critical asset protection.

Structured as building blocks that work independently and collectively, Mandiant Cyber Risk Management Services include:

1. Security Program Assessment – evaluate existing capabilities and maturity, coupled with an actionable improvement roadmap focused on the areas with the highest risk based on Mandiant’s frontline expertise
2. Crown Jewels Assessment – identify critical assets to shift security efforts and prioritize investment on the assets that matter most
3. Cyber Due Diligence – surface and manage inherited cyber risks outside of an organization’s control like those found in supply chain, third-party vendors, or during corporate acquisitions and divestment
4. Cyber Risk Operations – design and operationalize risk programs that leverage threat intelligence and frontline experience to determine custom risk profiles and tolerances, including how to best invest in security capabilities
5. Threat and Vulnerability Management – build and improve the capability to identify and manage specific threats with significant technology impact and vulnerability if left exposed
6. Threat Modeling – uncover unknown risks in both current and future state for improved planning

Learn more about Mandiant Cyber Risk Management Services: https://www.fireeye.com/mandiant/cyber-risk-management-services.html

Image licensed by Unsplash.com

Related News:

Growing Security Operation Center Challenges, Increasing Complexity and Rising Costs Drive Investments in XDR and Security Automation

Netwrix Reports: 4 of the Top 6 Types of Cybersecurity Incidents Are Now Related to Insider Actions

The post New Mandiant Services Help Organizations Balance Effective Cyber Security and Business Risk appeared first on Digital IT News.

“The findings of the Ponemon Economics of the SOC report show that organizations are facing an onslaught of rising security operations costs, but despite these increased investments, are still unhappy with their ability to combat growing cyberthreats,” said Chris Triolo, Vice President of Customer Success, FireEye. “Many security teams are now seeking new technologies that can provide greater efficiencies and visibility, while cutting alert overloads and eliminating mundane tasks to improve analyst morale.”

Perceived ROI of the SOC Drops, While Costs Rise

The ROI of SOC investments have been worsening, due to increasing complexity and rising security engineering and management outsourcing costs.

• Perceived ROI of the SOC is Dropping Due to Management Complexity: More than half (51 percent) of respondents say the ROI of the SOC is getting worse, compared to 44 percent in 2019. More than 80 percent rate their SOC’s complexity as very high, rising from 74 percent in 2019.
• Rising Outsourcing Costs Lessen Appeal: The cost to pay MSSPs for security monitoring also increased and may impact ROI. The average cost for respondents is $5,307,250 annually, an increase from $4,441,500 in 2019 (i.e., approximately 20 percent year over year).
• High Security Engineering Costs Aren’t Resolving Needs: Organizations surveyed are spending an average of $2,716,514 per year on security engineering. However, only 51 percent of respondents rate their security engineering efforts as effective or very effective.

SOC Workers Unhappy, Despite Increasing Salaries

Even with increasing salaries, organizations are not able to boost employee morale.

• Security Analyst Morale Impacted by Long Hours and Demanding Work: 85 percent of respondents say working in the SOC is painful or very painful, with this sentiment growing from 72 percent in 2019. Increasing workloads and being on call are overwhelming security analysts, with 75 percent saying that these factors cause burnout, rising from 70 percent in 2019.
• SOCs Can’t Meet the Rate of Security Analyst Turnover: Despite organizations surveyed expecting to hire an average of five analysts in 2021, three will resign or be fired in one year. Organizations are increasing security analyst salaries, with the average rising from $102,000 in 2019 to $111,000 in 2020. However, only 38 percent still believe they can hire the right talent.

New Technology Investments Show Promise

However, increasing investments in new XDR and security automation tools show promise to reduce security engineering costs, boost SOC performance and employee morale.

• XDR and Security Automation Budgets are Increasing: Organizations are investing in XDR as an emerging category to improve SOC performance. Organizations surveyed intended to spend an average of $333,150 for XDR; $345,150 for SOAR; $285,150 for MDR; and $183,150 for SIEMs.

The SOC is Key for Maintaining Security Posture

Despite current ROI perception, respondents noted that the SOC is more important than ever to having a strong security posture.

• The SOC is Essential: The number of respondents who said their SOC is essential or very important increased from 73 percent last year to 80 percent now. Meanwhile, the most important SOC activities are: Minimizing false positives reporting (88 percent); having agile DevOps functions (increasing from 73 to 85 percent); and automating machine learning tools (increasing from 72 to 80 percent).

Additional Report Resources

• FireEye blog post with additional report analysis: https://www.fireeye.com/blog/products-and-services/2021/01/is-your-soc-effective-people-and-tools-help-determine-the-roi.html
• Ponemon 2020 Economics of the SOC report: https://respond-software.com/resources/reports-ebooks/second-economics-of-the-soc/

Image licensed by Pexels.com

Related News:

FireEye Announces Acquisition of Respond Software for $186 Million

Palo Alto Networks and PwC Join Forces to Boost Cybersecurity Defenses

The post Growing Security Operation Center Challenges, Increasing Complexity and Rising Costs Drive Investments in XDR and Security Automation appeared first on Digital IT News.