Mandiant released Ransomware Defense Validation within the Mandiant Advantage platform to give security leaders continuous and quantifiable insight on their ability to prevent specific ransomware families.
Ransomware attacks have grown significantly over the last few years and any organization – regardless of size or industry – can become a target. In fact, from 2019 to 2021, Mandiant experts saw ransomware activity roughly double.
To address this rapidly evolving issue, Mandiant Advantage Ransomware Defense Validation leverages Mandiant’s threat intelligence, ransomware re-configuration capabilities and automated validation infrastructure to provide security leaders with evidence whether their organizations are able to prevent specific ransomware attacks.
“The frequency and proliferation of ransomware is accelerating, and without the right resources in place, organizations of all sizes and industries are struggling to know whether they are prepared for a ransomware attack,” said Mike Armistead, Senior Vice President, Mandiant Advantage Products at Mandiant. “Ransomware Defense Validation enables organizations to quickly understand and measure whether their security controls can prevent specific ransomware attacks and multifaceted extortion campaigns.”
Ransomware preparedness via intelligence-led validation
Daily headlines highlight victims of increasingly frequent and widespread ransomware attacks as threat actors continue to evolve tactics to make their operations more efficient and effective. And even with the arrests Russian officials made last month of a group of high-profile cybercriminals in an effort to take action against the ransomware problem, Mandiant has not observed a subsequent decline in these operations overall.
Ransomware Defense Validation counters this reality by curating the most critical ransomware threats Mandiant’s experts are seeing on the frontlines and repurposing them so that organizations can automatically, continuously and safely test their defenses against ransomware families like CONTI, a group that publicized the theft of data from more than 500 organizations in 2021, along with other prolific threats like MOUNTLOCKER, RYUK and SODINOKIBI.
Collectively, these families accounted for some of the most active ransomware at incidents that Mandiant responded to in 2021. Information on ransomware families is updated on a regular basis to stay current with the attacks most prevalent in the industry. Further, not only are organizations able to test their ability to prevent these ransomware attacks, they are also able to see in a quantifiable, live dashboard the stages in which the ransomware would have failed or succeeded.