We used this product for managed security to help prevent and protect against cyber attacks or security breaches.
Pros
Accurate and detailed reporting
24/7 Customer Support
Cons
I can’t think of anything that would need improvement
Likelihood to Recommend
We’ve used other providers who didn't seem to be as effective, in addition to sending tons of faulty alerts. When an alert is received on Mandiant, it’s a legitimate alert/threat.
We were looking for a Managed Detection & Response solution for our customer, as there were issues with clarity of threats, which cannot be defined as bad or good even by the best technology available in the market. MDR services can be a cost-effective way to access the necessary detection & response skills and resources without having to recruit, train and retain the internal talent.
Pros
Integration & Protection: Mandiant provides the highest degree of integration with the endpoint, network, email, cloud and identity solutions an organization is already using.
Strong Protection: Mandiant has the best threat landscape technology, which provides a holistic view of security & protection.
Cons
Due to the split from FireEye, Mandiant can no longer provide its own endpoint protection as part of MDR for customers that want to transition after an incident is complete.
Single remediation response with no ongoing monitoring
Likelihood to Recommend
Rapid identification & neutralization: The Mandiant Rapid Response team will get to work right away, often within hours, to identify and eject the adversary. Other vendors take days. Post-incident threat summary: Mandiant provides a formal summary of its investigation, detailing the actions it took and the discoveries it made, as well as recommending long-term guidance on how to mitigate the recurrence of similar threats in the future. It also provides ongoing detection & response.
We use it to monitor our network and infrastructure servers, including firewalls, routers, switches, load balancers and proxies. It protects our organisation from advanced and emerging threats.
Pros
Monitoring
Threat remediation
Training
Cons
Reporting
Likelihood to Recommend
It is good for threat monitoring and threat remediation. It proactively hunts for attackers across the entire infra. There is also training for the infra team.
Verified User
Manager in Information Technology (11-50 employees)
Antivirus, while a good tool, doesn't rise to the level of use that EDR/XDR, etc. does. Not only do you need to detect that problems exist, you need to kill them at the point of attack.
Endpoint detect-respond does this.
MDR also has a pool of 24x7 engineers reviewing telemetry of interest to action or inform against.
Pros
SOAR
Pool of engineers 24x7
Cost-effective for what it does
Cons
View on assets under mgmt
Low-cost integrations with platforms/apps not already present
Customize what default view is
Likelihood to Recommend
MDR and competitor offer the "tip of the spear" against threat actors & provide eyes on covered devices around the clock. For any organization, with the exception of huge companies that run their own SOC, this is heaven-sent.
Integrations with PaaS/SaaS are not something where an agent can be deployed - curious if custom APIs are possible to hook into those that will allow it.
Verified User
Director in Information Technology (501-1000 employees)
Managed Defense provides our organization with 24/7 SOC capabilities for our small cybersecurity team by monitoring our FireEye/Trellix suite of products. In addition to alert monitoring, escalation, and response, they provide regular threat hunting and threat intelligence briefings.
Pros
Alert monitoring, escalation, and response
Threat hunting
Threat intelligence briefing
Cons
I cannot think of anything
Likelihood to Recommend
Managed Defense is a must-have for any organization with limited cybersecurity resources and staff. In Managed Defense you have some of the best threat analysts and incident responders in the world to augment your security capabilities 24/7. It is hard to quantify the value of that peace of mind for a small/medium business.
Verified User
Analyst in Information Technology (501-1000 employees)
Mandiant Managed Defense is being used for 24/7 coverage for the CSOC. Managed Defense is also used as an escalation point for high-severity incidents.
Pros
Excellent across all major tenets of incident response (detection, containment, eradication, etc.)
Has a strong backend support system to perform advanced incident response activities (reverse malware engineering, etc.)
Very scalable - no matter how small or large the incident, Managed Defense can tackle it, or escalate to Mandiant IR if the incident is complex and/or large enough.
Cons
Very few opportunities for improvement. Perhaps support for more alert types. Currently, not all alerts reviewed by the in-house CSOC team are in-scope for Managed Defense.
Likelihood to Recommend
Mandiant Managed Defense has helped the company manage small and very large incidents. I believe Managed Defense is well suited for any organization with an appetite to use an outsourced Managed Defense provider. They provide 24/7 coverage, and they alert on real activity. There isn't a lot of irrelevant / trivial chatter back and forth. They notify us when they need to.
Verified User
Manager in Information Technology (1001-5000 employees)