Mandiant announces the availability of Ransomware Defense Validation

Mandiant announced the availability of Ransomware Defense Validation within the Mandiant Advantage platform. Ransomware attacks have increased significantly in recent years and any organization, regardless of size or sector, can become a target.

In fact, from 2019 to 2021, Mandiant experts saw the use of ransomware double.

To address this rapidly evolving threat, Mandiant Advantage Ransomware Defense Validation leverages Mandiant’s market-leading threat intelligence, ransomware reconfiguration capabilities, and automated Security Validation infrastructure to enable security teams to obtain the answer to whether your organization can prevent specific ransomware attacks.

“The frequency and proliferation of ransomware is accelerating and organizations of all sizes and sectors, even without the right resources, are trying to figure out if they are prepared to face a ransomware attack,” he says. Mike Armistead, Senior Vice President, Mandiant Advantage Products of Mandiant.

“Ransomware Defense Validation it allows organizations to quickly understand if the security controls they own can block specific ransomware attacks and multi-faceted extortion campaigns “.


Ransomware attacks are becoming more frequent and widespread as threat actors continue to evolve their tactics to make their operations more efficient and effective. Furthermore, even with the arrests of a group of high-profile cybercriminals by Russian officials in an effort to take action against the danger of ransomware, Mandiant has not observed a subsequent decline in these operations.

Ransomware Defense Validation counteracts this reality by taking action against the most critical ransomware threats that Mandiant observes at the forefront, repurposing them so that organizations can test automatically, continuous and secure defenses against ransomware families such as CONTIa group that stole data from more than 500 organizations in 2021, along with other prolific threats such as MOUNTLOCKER, RYUK And SODINOKIBI.

Information on ransomware families is updated regularly to keep up with the most widespread attacks. Furthermore, with this implementation, organizations not only have the ability to test the capabilities of preventing these ransomware attacks, but also see, via a live and quantifiable dashboard, the stages in which ransomware has failed or succeeded.