Breach Analytics enables Chronicle customers to reduce attacker dwell time with advanced automation.

Have you ever wondered what it takes to develop our annual M-Trends report? The short answer is: a whole lot! Our host Luke McNamara asked Regina Elwell, Senior Principal Threat Analyst on the Advanced Practices Team, and Steve Stone, Senior Director for Advanced Practices, to take us behind the scenes so we can see exactly what goes into building an edition of M-Trends. 

A highly advanced China-nexus espionage group exploited a 2023 VMware vulnerability as far back as 2021.

This post examines new persistence and auth bypass techniques for Pulse Secure VPNs, which we've observed being used by one or more groups.

Mandiant has found APT29 using new TTPs and demonstrating advanced tactics targeting Microsoft 365

The FireEye Labs Advanced Reverse Engineering (FLARE) Team is sharing a third installment of a blog about the IDA Pro script with the community.

In December 2017, FireEye's Mandiant discussed an incident response involving the TRITON framework, and now FireEye’s Advanced Practices Team takes a deeper look at TRITON’s Python scripts.

FakeNet-NG is a powerful and highly configurable tool that can be used to perform more advanced tasks such as process and traffic filtering, aiding in automatic malware unpacking, security assessment of thick-client applications and many others.

Operating on the front lines every single day, FireEye Mandiant team of incident response consultants handle hundreds of engagements every year, relying on their knowledge and expertise combined with extensive information as well as capabilities provided by dedicated Threat Intelligence and Malware Reverse Engineering functions. Able to intervene from the initial detection to the final resolution of the incident, including investigation and remediation support, Incident Responders rely on advanced and custom tailored endpoint, network and digital forensics technology, able to intervene and operate at large enterprise scale.

Our Mandiant Partnerships and Technology Alliance teams build relationships with industry-leading security controls providers to deliver advanced protection for our customers through our technology ecosystem. We are always looking for the right partners to build custom solutions that make us better together.