I'm using Mandiant Advantage for digital monitoring of our brand protection and our digital entities, in addition to tracking APT groups, cybercrime groups, and some other threat actors. I use it for intelligence and threat intelligence. I'm not using Mandiant Advantage's AI-driven analytics. Mandiant Advantage's effectiveness in providing real-time threat intelligence in my organization is quite good. The indicator feeds are great and the availability of the analyst is also good, making it near to real time. I don't use Mandiant Advantage for incident response, and fortunately, I haven't had any incidents that needed to be responded to. I've utilized the YARA rules on VirusTotal, which is the platform of Mandiant Advantage. This is the only automation I use.
Information Security Officer at a tech vendor with 51-200 employees
Real User
Top 5
Jan 30, 2025
I use it for cyber threat intelligence. I gather information about newly created domains around the Internet that can be related to my managed company. I monitor these domains for any phishing activities. Additionally, I monitor the dark web and hacker forums for any mention of my serviced company or its users. I also check leaked databases on the Internet and dark web for any leaks of sensitive information.
Associate Consultant (IT Security) at Triune Digital Security
Real User
Top 5
Jan 28, 2025
I have a good database of IOCs and behavior analytics. Once I integrate this with EDR on Enfolds, the tool provides in-depth traffic analysis through Mandiant. It also classifies techniques mentioned in MITRE. This becomes handy when I am doing incident response and working on the manual part.
Managing Member at a tech vendor with self employed
Real User
Mar 12, 2023
Our primary use case was monitoring the threat actors that our clients were concerned about. We also used Mandiant Advantage to map the infrastructure that the threat experts were using and monitor all the discussions involving the customer originating from these threat actors.
They're in the process of rebranding with Google. I get access to Mandiant Advantage as well as Managed Defense with our subscription. What they do is they go over, and they grab all the events out of Helix, do all the level one, two, and three checks on it, and then send over whatever is left over, which is typically very little. I utilize it sparingly. The Managed Defense uses that information already and does a lot of the grunt work on the incidents that come in.
Mandiant Advantage is a multi-vendor XDR platform that provides security teams of all sizes with frontline intelligence. Mandiant Advantage aims to speed up operational as well as strategic security and risk decision making. Mandiant Advantage provides security teams with an early knowledge advantage through the Mandiant Intel Grid, which provides platform modules with current and relevant threat data and analysis capabilities. Organizations are better protected from cyber attacks and more...
We use the solution for threat detection.