EC News DeskFireEye has announced the availability of two new FireEye Mandiant services. Cloud Security Assessments help organisations evaluate and harden security in cloud platforms, and Cyber Defense Operations consulting services help organisations achieve security transformation by improving the detection and response capabilities of their security operations centre, SOC.
Almost all major organisations are using or planning to use cloud environments for a variety of reasons, including cost and operational efficiencies. However, cloud security implementation requires a completely different approach and specialised skills compared to on-premises. Without the proper knowledge and contextual understanding of cloud security, the benefits associated with the cloud can quickly become diluted as organisations inadvertently expose themselves to greater levels of risk.
Cloud Security Assessments are based on the latest ways that attackers bypass cloud security measures, as observed on the frontlines by FireEye Mandiant experts. Available on the most popular cloud-based platforms including Microsoft Office 365, Microsoft Azure, Amazon Web Services, and Google Cloud, these assessments address common misconfigurations and issues with how organisations utilise and integrate the cloud into their existing IT and security programmes. Through tactical coaching and comprehensive recommendations, organisations achieve increased risk visibility and enhanced functional capabilities. Cloud Security Assessments can be customised to suit organisational budgets and security programme objectives.
It’s one thing to develop playbooks and define best practices, and it’s quite another to effectively implement those detection and response processes into how a SOC operates. With Cyber Defence Operations, FireEye Mandiant experts help to accelerate an organisation’s security transformation initiatives by providing hands-on keyboard support for critical SOC roles. First, consultants conduct an initial evaluation that helps to define the transformation goals and objectives that will best mature the organisation’s capabilities. Examples of these objectives include building out threat hunting programmes and security metrics programmes.
Dedicated Mandiant personnel will then offer technical event triage, analysis, and investigation support, operating within the client’s environment. Through this process, areas for maturation are identified and pursued, helping to identify and resolve visibility gaps and procedural issues. Throughout, knowledge transfer is continually conducted with the organisation’s existing detection and response team to help ensure changes are effectively operationalised.
“For more than 15 years, FireEye Mandiant has been at the forefront of cyber security and cyber threat intelligence. We have a deep understanding of evolving attacker behaviours and motivations derived direct from the frontlines that extends across the cloud and on-premises environments. Our Cloud Security Assessments and Cyber Defence Operations consulting services are two new offerings to help clients protect their key assets before, during and after an incident,” said Jurgen Kutscher, EVP of Service Delivery at FireEye.
“Given the critical nature of Office 365 to our company and the type of data stored there, it’s important for us to validate the security of the service. The FireEye Mandiant Cloud Security Assessment helped us understand the risks, while identifying areas for improvement and actionable recommendations. We were able to greatly improve our organisation’s secure use of Office 365 with the guidance from Mandiant,” said the CSO of a global enterprise technology company.
