NDR, Threat Intelligence, Threat Management, Threat Hunting, XDR

Corelight, SentinelOne Expand Mandiant Partnerships

Cyber Threat Intelligence

Mandiant, part of Google Cloud and a Top 40 managed detection and response (MDR) security company, is bolstering its partnerships with Corelight and SentinelOne as it looks to further enhance its security capabilities.

The company announced the expanded partnerships with Corelight and SentinelOne at its mWISE Conference, which takes place September 18-20 in Washington D.C.

Corelight Provides Mandiant Customers with Next-Generation NDR

With its expanded Mandiant partnership, Corelight will offer its Open NDR (network detection and response) technology on the company's platforms and solutions, according to a prepared statement.

Corelight co-delivers its NDR solutions and technologies with Mandiant, the business noted. It harnesses the power of the triangulated products and services with Mandiant's historical telemetry to help the companies' mutual customers identify and stop cyberattacks.

In addition, Mandiant Consulting can deploy Corelight's technology within its incident response and professional service engagements. This allows Mandiant customers to use Corelight's technology to view threats and accelerate threat investigations, the companies said.

SentinelOne Adds Mandiant Threat Intelligence to Its Singularity Platform

Meanwhile, Singularity Platform users now can use Mandiant's threat intelligence to understand the threat landscape and monitor emerging threats in near-real time, SentinelOne said. That way, these users can reduce risk and identify and address threats in their IT environments.

Furthermore, Singularity XDR (eXtended detection and response) users can automatically triage incidents with context and intelligence from Mandiant, SentinelOne stated. They also can autonomously discover and remediate threats with indicators of compromise (IOCs) from Mandiant.

"Over the last 18 months, Mandiant and SentinelOne have partnered to deliver highly adaptable and intelligence-led security solutions to customers,” said Marshall Heilman, Mandiant chief technology officer, Google Cloud. “The expanded strategic partnership marks a major milestone in our journey to democratize our threat intelligence and make it actionable for everyone. By OEMing our frontline threat intelligence and expertise in leading cybersecurity technology, we can enable customers of all sizes to enhance their threat intelligence and investigations with the power of Mandiant in their preferred platform of choice.”

Google Cloud Utilizes Mandiant Threat Intelligence to Deliver Security AI Workbench

The expanded Corelight and SentinelOne partnerships come after Google Cloud in April 2023 unveiled its Security AI Workbench at the 2023 RSA Conference in San Francisco, California.

Security AI Workbench blends Google Cloud's Sec-PaLM large language model (LLM) with Mandiant threat intelligence, the companies said. It allows Google Cloud partners to integrate with the platform via an API to provide threat intelligence, workflows and other functions to their customers.

Google Cloud acquired Mandiant in March 2022 for $5.4 billion. Since that time, Mandiant has maintained partnerships with Corelight, SentinelOne and other cybersecurity and technology providers. It also continues to grow its partner ecosystem.  

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.