FireEye - S28.q4cdn

FireEye

The New Threat Landscape: Limited cooperation between governments; The Rise of Professional Hacking Groups; No rules of engagement in cyber warfare; The rise of anonymous cryptocurrencies; The Rise of Ransomware. 2021 FireEye

The New Adversary: Motivated and capable; Scalable and organized; Highly advanced.

The Growing Ransomware Threat. PROLIFERATING DEMAND: Mandiant ransomware response engagements increased 10x in 2020 from 2018. RAPID DEPLOYMENT: Median of only 3.5 days from intrusion to deployment. AVERAGE COST: Wide range from 250,000 to 50 million USD. RISING PAYMENTS: Average payment increased upwards of 180% from March 2019 to March 2020. BUSINESS IMPACT: 1 in 10 businesses close due to a ransomware attack. [Chart: Ransomware Incident Response Investigations by Mandiant, 2018, 2019, 2020]

Cyber Threats vs. Organizations’ Challenges: The Rise of Professional Hacking Groups; Cloud Adoption; Skill Shortage; The Rise of Ransomware; Budget and Effectiveness.

Side Effects of a Breach. Stunted Growth: A breach can stall a company’s growth for up to 3 years. Reduced Stock Price: Average stock price decline of 3% – 7.5% after breach disclosure. Incurred Cost: Average cost of a data breach is 4 million USD or 150 USD per lost record. Lost Customers: Breaches cause abnormal customer turnover of 3.9% on average.

The Four Questions for Every Security Team: Am I protected? Have I been breached? How do I respond? How do I prepare?

Security and Business Outcomes. Am I protected? Simplified compliance and internal reporting. Have I been breached? Shorter time to respond and remediate. How do I respond? Reduced losses and reputational damage. How do I prepare? Improved talent retention and performance. Higher ROI from security investments.

Getting to The Truth. OUR DIFFERENTIATION: Through our expertise, intelligence and technology we learn, before anyone else, the tools and tactics attackers are using to circumvent security safeguards.

The FireEye Difference. Breach Intelligence. ADVERSARY INTELLIGENCE. MACHINE INTELLIGENCE. 23 countries; 30 languages; 180 analysts and researchers; 30K intel reports per year; 15,000 network sensors; 18M Endpoints; Tens of millions of malware detonations per hour; 65M Emails Processed / Day. OPERATIONAL INTELLIGENCE. EXPERTISE FROM THE FRONT LINES. 5 Security Operations Centers; 99M events ingested; 21M alerts validated by Intel; 16 years of investigative expertise; 500 consultants in 20 countries; 400 Red Team Exercises per year. WHO, WHY, HOW, IMPACT.

UNC 2452 / SUNBURST: Global campaign; By a highly capable threat actor; Involves numerous vendors; Targeting many state agencies; FireEye caught it first. FireEye UNC2452 and Sunburst online Resource Center.

Company Portfolio. MANDIANT: Solutions that enable every security team in the world to easily augment and automate our intelligence and expertise into their environment, regardless of the controls they have deployed. FIREEYE: Solutions with detection, protection, and response capabilities under a security operations platform, Helix, powered by intelligence and expertise from Mandiant.

Mandiant Solutions Portfolio

Mandiant Solutions Portfolio: Consulting Services; Threat Intelligence; Security Validation; Defense (formerly Respond); Managed Defense; Expertise On Demand. The goal of Mandiant Solutions is to augment and automate every security team in the world with expertise and intelligence, regardless of SIEM/controls deployed.

The portal to all things Mandiant; SaaS offering; Integration across solutions.

Mandiant Advantage: Expertise and fense; Technology; Mandiant Security Validation; Mandiant Defense (Respond); Intelligence; Mandiant Threat Intelligence.

Business Outcomes. Focus on the highest-risk issues: Prioritization. Intelligence overlaid on SecOps workflow: reduce impact. Validate your adversary-specific controls: Understand Relevance & Readiness. Proactively hunt for key adversaries: Decrease Damage / Peace of Mind. Identify important context automatically: Efficiency. Better leverage existing security controls: Optimization / Rationalization.

Mandiant Threat Intelligence. Focus on threats that matter to your business right now. Optimize resources. Realign cyber defense strategy based on latest insights. Early warning on brand or reputation threats. Reduce attack surfaces based on exploit and prevalence ratings. Increase efficiency and effectiveness of Security Operations with automated expertise.

Why Mandiant Threat Intelligence. Direct access to Breach, Machine, Operational and Adversarial Intelligence. Attribution & Adversarial Graduation (Temp, APT, FIN ). Threat Visibility: Global, geo, industry your brand. Time to value: SaaS offering with enablement and expertise. Relevant & actionable: Trends, actor profiles, tactics, observables, reports. Easy to integrate with any security tool.

Mandiant Security Validation. Know the true measure of your security. Understand how your defenses perform against real adversary attacks. Gain evidence of effectiveness of security controls. Measure performance against Industry Frameworks.

Mandiant Consulting Overview. Incident responder of headline breaches since 2004. Powered by frontline threat intelligence and purpose-built technology. 500 consultants in 20 countries. Remote and on-premise rapid incident response. Assessment, Transformation, Defense, and Training services.

Mandiant Consulting Services Portfolio. Assess to answer: Is there attacker presence? Am I prepared to respond? How effective is my security posture? Transform to mature security: Security program review and improvement; Processes optimization; Implementation support. Defend: Expert-driven detection and response; 24 x 7 protection; Industry-leading detection and intel. Train to develop your capabilities: FireEye solutions education; Cyber security education; Threat space cyber range. INCIDENT RESPONSE.

Mandiant Defense. SOC Investigation at Machine Speed. Reduce response time and security engineering costs; Accelerate analyst productivity; Detect more incidents; Handle incidents in IT/OT. 1 Trillion events processed; 1.1 billion worthy of investigation; 10,000 incidents escalated.

The XDR Engine. CONTEXT. What It Does. Benefits. Leaves data where it is; Gathers evidence from siloed sensors; Automatically incorporates company specific context; Triages 100% of alerts; Accurate and consistent; Integrated Reasoning; Fast investigation-to-escalation; Groups all events and alerts into one incident; Rules not required reducing engineering time and costs; Takes feedback and adjusts automatically; SENSORS; Massive reduction in false positives; Controls agnostic - leverage best-of-breed solutions.

Mandiant Managed Defense. Managed Detection and Response (MDR) service delivered by frontline defenders that augments your team and elevates your security posture. Expose Adversaries: Enlist elite threat hunters using nation-grade cyber threat intelligence to proactively hunt across security controls and surface relevant threats. Accelerate Response: Respond to attacks before they disrupt your business with the collective knowledge and experience of Mandiant. Elevate Your Defenses: Gain a team of cybersecurity experts who can augment your security program with tailored recommendations.

How Managed Defense Works. Steps 1 to 6: Security Technology; Technology Alerts; Enrich with Mandiant Threat Intelligence; Detection; Surface threats and prioritize relevant alerts; Response; Analytics & Advanced Threat Hunting; Contain compromised assets, scope incidents and remediate; Publish investigations with findings and recommendations.

Mandiant Expertise On Demand. Flexible access to a wide range of industry-recognized Mandiant security expertise. Amplify your team with side-by-side access to proven skills and threat insight. Increase situational awareness via Daily News Analysis, Quarterly Threat Briefings and our Ask An Analyst feature. Advance your security program and capabilities via training and consulting services. Gain a single, trusted partner with unrivaled breadth and depth of cyber security experience and skills.

Mandiant Expertise On Demand. Expertise On Demand is an annual subscription that provides flexible access to the expertise organizations need, when they need it. Ask An Analyst: Ask Mandiant analysts for help answering your toughest security questions at any time. Fixed-Scope Mandiant Services: Request, develop and extend expertise with flexible access to investigations, intelligence, training and consulting services. Included in All Subscriptions: Daily News Analysis Emails -- Quarterly Threat Briefs. Mandiant IR Retainer (Optional SLA Available).

FireEye Products Portfolio

FireEye Portfolio: FireEye Helix; FireEye Network Security & Forensics; FireEye Email Security; FireEye Endpoint Security; FireEye Detection On Demand; FireEye Cloudvisory. The goal of FireEye is to catch advanced threats across all major threat vectors before they can cause damage and empower teams with the critical tools for their security operations.

FireEye Helix: Technology; Next-Gen SIEM; Behavior Analytics; Cloud eporting; Expertise On s; Expertise.

FireEye Helix Overview: Real-time threat intelligence; Intelligence; Codified expertise or; Sub-Second search; Single log source; Guided investigations; Compliance reporting; FireEye and Third Party Data lls.

FireEye Email Security. PROTECTION FOR #1 THREAT VECTOR. Stops advanced threats, impersonation, and phishing attacks. Protects in the Cloud, on premises, and across major solutions like O365 and GSuite. Applies Mandiant Threat intelligence for advanced detection and context.

FireEye Email Security: Intelligence; Technology; Correlation. Superior efficacy in detecting and stopping advanced email-borne threats.

FireEye Endpoint Security. Stop malware and advanced attacks. Detect breaches that bypass security. Respond to the threats quickly, completely, and at scale.

Endpoint Security – Technology

Endpoint Security MITRE ATT&CK. MITRE ATT&CK framework replicates real-world – Becoming de-facto standard in the industry. [Chart; legend: Tactic, Telemetry, Technique, MSSP, General]

FireEye Network Security & Forensics. Provides network visibility and protection against the world’s most sophisticated and damaging attacks. Advanced Threat Detection. Multiple Machine learning and correlation engines. Full Packet Capture Capabilities. Protection for Mac, Windows and Linux systems. On-Premise, Virtual, Cloud and SaaS Protection.

FireEye Network Security. More than a sandbox, more than an appliance. For Infrastructure: The best detection regardless of form factor; North/South and East/West Coverage. For Internal Applications: The ability to submit files for verdict via API. For SaaS: The ability to leverage a web gateway solution embedded with FireEye Detection.

FireEye Detection On Demand: Objects in your cloud; SOC; SIEM; Files in web applications.

Journey of a el: Global Cache; DoD CACHE; Static Analysis; Pre-Filter Engine Selection; ML & AI Engines; Result Correlation; Post Processing; Dynamic Analysis; MVX Engine; RESPONSE.

FireEye Cloudvisory. FireEye Cloudvisory is a control center for cloud security management that delivers Visibility, Compliance and Governance to any cloud environment. Available on

Cloudvisory: Differentiators At-A-Glance. 1. The most advanced Visibility capabilities in the CSPM market today. 2. Exception handling and in-line remediation for compliance failures. 3. Cloud-native microsegmentation. 4. Complete control over role permissions.

Industry Recognition

Recent Awards and Certification

Common Integrations

Thank you.
