I think Mandiant Advantage could be improved regarding their intelligence on fraud and cybercrime. Additionally, their platform should be better. Mandiant Advantage's platform itself is not good yet. They have many bugs because they changed the platform, so from time to time it's simply not working at all. The UX is not good, and it's somewhat lacking in capabilities because they're counting on you to buy the service of the dedicated intelligence analyst. Flexibility is another area for improvement in Mandiant Advantage.
Information Security Officer at a tech vendor with 51-200 employees
Real User
Top 5
Jan 30, 2025
Sometimes Mandiant Advantage becomes noisy when dealing with widely recognized companies due to false positives. More fine-tuning is required to handle famous company names. It also handles alerts slowly when there are many open incidents, and sometimes it opens the wrong incident. Optimization on the browser would be very nice.
Associate Consultant (IT Security) at Triune Digital Security
Real User
Top 5
Jan 28, 2025
I have already given them feedback that their UI needs improvement since sometimes there is a lag. The side-by-side depiction of request response and action clogs the screen. Collaboration of data in my view becomes a bit clogged, requiring effort to understand visually.
Partner, Cyber Security at a financial services firm with 10,001+ employees
Real User
Top 5
Jul 31, 2024
To effectively utilize threat intelligence, it's important to have a clear plan for translating that information into actions. This involves defining what actions need to be taken, such as escalation procedures, reporting, and further workflows. Mandiant Advantage can integrate with various systems, such as SIEM or SOC tools. For instance, integration with ServiceNow or similar platforms allows SOC teams to receive actionable alerts and response suggestions. This ensures that relevant teams can act promptly when potential threats are detected, streamlining the response process and enhancing overall security operations.
Managing Member at a tech vendor with self employed
Real User
Mar 12, 2023
I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform. The free tech search is also super slow and sometimes you have to wait for 20 or 30 minutes to get results. Because of this, I have to use a cloud language that is similar to the SQL language, both of which are quite hard to use. I also think that the user experience is a bit damaged and can be improved since the platform is not as intuitive as it should be.
I don't use the solution very often, and therefore it is hard to say if areas are lacking. They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful. You used to get support via email, which was better.
Mandiant Advantage is a multi-vendor XDR platform that provides security teams of all sizes with frontline intelligence. Mandiant Advantage aims to speed up operational as well as strategic security and risk decision making. Mandiant Advantage provides security teams with an early knowledge advantage through the Mandiant Intel Grid, which provides platform modules with current and relevant threat data and analysis capabilities. Organizations are better protected from cyber attacks and more...
I think Mandiant Advantage could be improved regarding their intelligence on fraud and cybercrime. Additionally, their platform should be better. Mandiant Advantage's platform itself is not good yet. They have many bugs because they changed the platform, so from time to time it's simply not working at all. The UX is not good, and it's somewhat lacking in capabilities because they're counting on you to buy the service of the dedicated intelligence analyst. Flexibility is another area for improvement in Mandiant Advantage.
Sometimes Mandiant Advantage becomes noisy when dealing with widely recognized companies due to false positives. More fine-tuning is required to handle famous company names. It also handles alerts slowly when there are many open incidents, and sometimes it opens the wrong incident. Optimization on the browser would be very nice.
I have already given them feedback that their UI needs improvement since sometimes there is a lag. The side-by-side depiction of request response and action clogs the screen. Collaboration of data in my view becomes a bit clogged, requiring effort to understand visually.
To effectively utilize threat intelligence, it's important to have a clear plan for translating that information into actions. This involves defining what actions need to be taken, such as escalation procedures, reporting, and further workflows. Mandiant Advantage can integrate with various systems, such as SIEM or SOC tools. For instance, integration with ServiceNow or similar platforms allows SOC teams to receive actionable alerts and response suggestions. This ensures that relevant teams can act promptly when potential threats are detected, streamlining the response process and enhancing overall security operations.
I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform. The free tech search is also super slow and sometimes you have to wait for 20 or 30 minutes to get results. Because of this, I have to use a cloud language that is similar to the SQL language, both of which are quite hard to use. I also think that the user experience is a bit damaged and can be improved since the platform is not as intuitive as it should be.
I don't use the solution very often, and therefore it is hard to say if areas are lacking. They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful. You used to get support via email, which was better.