


Mandiant is recognized by enterprises, governments and law enforcement agencies worldwide as the market leader in threat intelligence and expertise gained on the frontlines of cyber security. To make every organization confidently ready for cyber threats, Mandiant scales its intelligence and expertise through the Mandiant Advantage SaaS platform to deliver current intelligence, automation of alert investigation and prioritization, and validation of security controls products from a variety of vendors.


Latest Content From Mandiant

Research Report: Mandiant Advantage Threat Intelligence For Security Professionals

by Mandiant, Oct 17, 2022

The persistence of modern threat actors requires attention and increased knowledge. Mandiant offers five use-case-based subscriptions to provide organizations with up-to-the-minute threat intelligence.

Download this report to learn how a combination of breach, machine, operational and adversarial intelligence, cultivated by more than 300 experts across 23 countries and covering 30+ languages, will help organizations perform their security tasks faster and with more accuracy.

Whitepaper: Proactive Preparation and Hardening to Protect Against Destructive Attacks

by Mandiant, Oct 17, 2022

Threat actors leverage destructive malware to destroy data, eliminate evidence of malicious activity, or manipulate systems in a way that renders them inoperable. Destructive cyber attacks can be a powerful means to achieve strategic or tactical objectives; however, the risk of reprisal is likely to limit the frequency of use to very select incidents.

Download this whitepaper to get practical and scalable methods to help protect organizations from destructive incidents and cyber attacks.

Research Report: APT42: Crooked Charms, Cons and Compromises

by Mandiant, Oct 17, 2022

Mandiant assesses with high confidence that APT42 is a prolific and well-resourced threat actor that carries out Iranian state-sponsored espionage and surveillance activity in support of Iran's strategic priorities.

Download this report to understand APT42's toolkit and techniques, targeting activities, and how it fits into Iran's cyber capability and its relationship to other groups.

Research Report: Remediation and Hardening Strategies for Microsoft 365 to Defend Against APT29

by Mandiant, Oct 17, 2022

Mandiant uncovered and publicly disclosed a widespread campaign conducted by the threat group it tracks as UNC2452. Recently, Mandiant merged UNC2452 into APT29. APT29 and other threat actors have used several methodologies to move laterally from on-premises networks to the cloud, specifically Microsoft 365.

Download this whitepaper to learn techniques used by APT29, and how to proactively harden and remediate environments where similar techniques have been observed.

Whitepaper: A Requirements-Driven Approach to Cyber Threat Intelligence

by Mandiant, Oct 16, 2022

Implementing a requirements-driven approach will significantly improve the efficiency, utility, and value of a cyber threat intelligence program. Requirements-driven intelligence functions are highly effective in triaging and balancing a host of competing demands.

Download this whitepaper to learn what it means to be requirements-driven in practice, and get actionable advice on how Intelligence functions can implement and optimize such an approach themselves.

Whitepaper: Block Attack Opportunities with Attack Surface Management - Solution Brief

by Mandiant, Oct 07, 2022

As digital environments become more dispersed and diverse, it's more difficult to track and monitor every asset, as well as connections and dependencies. In a recent global survey, 75% of C-suite respondents worry their enterprises are now too complex to secure.

Download this report to learn:

  • Ways Attack Surface Management recognizes vulnerabilities
  • Types of organizational problems Attack Surface Management solves
  • Integrations with Threat Intelligence and Security Validation

Whitepaper: Solution Brief: Combatting Ransomware

by Mandiant, Oct 07, 2022

Ransomware actors have intensified their attack campaigns by threatening critical infrastructure shutdowns, risking public health and safety, diverting vital public resources, and impacting data privacy.

Early detection of the intrusion accelerates the response, minimizes the impact and helps business operations resume swiftly.

Download this whitepaper to learn:

  • Anatomy of a targeted ransomware attack;
  • The objectives of ransomware defenses;
  • How to help your organization address this challenge.

Research Report: Trending Evil 3 - Findings from Mandiant Managed Defense

by Mandiant, Oct 07, 2022

Between May and June 2022, Mandiant Managed Defense identified two new malware families designed to gain a foothold in compromised environments. Mandiant assesses with high confidence that UNC2295 is linked to APT32, an espionage operation aligned with the national interests of Vietnam.

Download this whitepaper to learn:

  • Two new malware families discovered;
  • Steps to avoid attacks that use messaging platforms;
  • Prevalent tactics and techniques.

Research Report: The Defender's Advantage Cyber Snapshot

by Mandiant, Oct 07, 2022

The Defender's Advantage Cyber Snapshot report delivers insights into today's top cyber defense topics based on Mandiant frontline observations and real-world experience.

Download the report for a deep-dive into these four critical areas:

  • Common internet-facing vulnerabilities
  • Threats to operational technologies (OT) and ICS networks
  • Cyber security risks associated with mergers and acquisitions
  • The unique challenges in protecting elections and major events

Whitepaper: Determine your Cyber Security Risk with Repurposed Ransomware

by Mandiant, Sep 08, 2022

Mandiant uses repurposed ransomware to safely run attack binaries against an organization's security controls to determine whether the organization can block that type of ransomware before an attack occurs.