Mandiant CEO’s MSSP Partner & XDR Security Strategy
Mandiant, now free from the FireEye products business, has a five-point plan to drive partner-oriented sales, CEO Kevin Mandia told Wall Street analysts during the cybersecurity company’s quarterly earnings call on November 4, 2021. He also outlined four ways Maindiant is driving SaaS- and XDR-related research and development.
As part of the five point partner plan, Maindiant recently:
- Created a technical alliances group to connect Mandiant’s intelligence expertise and advantage platform to other security product companies. Among the first moves is a Splunk relationship, which enables Splunk customers to operationalize Mandiant threat intelligence for adversary detection; interact directly with Mandiant experts for incident response; and validate their security posture against emerging and novel attacks, he said.
- Formed a strategic alliances group for system integrators and MSSPs. “We plan to enable integrators and MSSP to use the Mandiant advantage platform to deliver security transformation and modernization programs for their customers,” he said.
- Created an industry aligned expert team to “help us navigate and deliver tailored strategic services to various industry sectors such as finance, healthcare, defense utilities, among others; addressing their specific requirements based on mission, regulations and the risk profile,” he said.
- Hired a new leader to create a strategic alliance program targeting partnerships with global governments.
- Hired a new channel lead to create and manage a channel program that addresses the middle market in an efficient way.
Mandiant SaaS-based XDR Security Plan
Mandia also described a four-point R&D and innovation strategy. The overall strategy involves the Mandiant Advantage Platform — which is a SaaS-based XDR platform that addresses threat intelligence, security validation, automated defense and attack surface management. The related four-point technology strategy involves:
- A multi-vendor managed defense capability, which no longer requires Mandiant customers to run FireEye’s products. “Now our customers can rely on Mandiant expertise and intelligence to leverage the controls and vendors that they choose,” he said.
- Launching active breach and Intel monitoring capabilities the first quarter of 2022. “This capability enables visibility into Mandiant threat intelligence in real time. It is the functional equivalent of collaborating with our incident responders in the field, proactively checking our customers’ environment with the most up-to-date intelligence available as respond to the new and novel cyber attacks,” he said.
- Rolling out a Ransomware defense validation solution, which “tests a customer’s ability to defend against the ransomware attacks we are seeing in the field and provides unvarnished truth about an organization’s readiness to various ransomware actors,” he said.
- Acquiring Intrigue, which “allows Mandiant to deliver attack surface management or ASM as another module in the Mandiant advantage platform,” he said. ASM identifies how organizations could be compromised by identifying applications that are visible, vulnerable and exploitable. Mandiant plans to integrate attack service management into the Mandiant Advantage Platform in the first quarter of 2022, he said.
Mandiant Business Opportunities, Challenges
Now independent of the FireEye business, Mandiant should have more opportunities to work with third-party technology companies. However, the company will face intense competition on both the product and IT consulting fronts.
Among the latest financial metrics to note for Q3 of 2021:
- Mandiant’s revenue was $122 million, up 22 percent from Q3 of 2020.
- The company’s net loss was $68 million, larger than a $39 million net loss in Q3 of 2020.
The revenue figure generally beat Wall Street expectations, but profit figures generally lagged expectations, according to SeekingAlpha.