Skip to content
ATDbbeta
Brief
Mandiant

Mandiant

Cybersecuritymandiant.com

Mandiant delivers unmatched threat intelligence and incident response expertise drawn from frontline breach investigations, enabling organizations to detect, respond to, and proactively defend against sophisticated cyber threats.

Last updated May 11, 2026 by the ATDb Editorial Team

Founded
2004
HQ
Milpitas, California, United States
Parent
Google
Connections
4

At a glance

Employees
1001-5000
Funding
Acquired by Google for $5.4B
Revenue
$500M-$1B
2integrations1corporate family
Ad Fraud Prevention

About

A top-tier cybersecurity intelligence and incident response provider, widely regarded as the gold standard for threat intelligence and breach investigation, now operating under Google Cloud Security.

Mandiant is one of the most respected names in cybersecurity, renowned for its elite threat intelligence capabilities, incident response services, and deep expertise in nation-state and advanced persistent threat (APT) actor tracking. Originally founded as a standalone security firm, Mandiant gained global recognition after publishing its landmark 2013 APT1 report exposing Chinese cyber-espionage operations. The company became part of FireEye in 2014, and in October 2021, it divested the FireEye product business to Symphony Technology Group for $1.2 billion, rebranding the remaining intelligence and services business back to Mandiant. Google acquired Mandiant in March 2022 for approximately $5.4 billion, integrating it into Google Cloud Security to bolster its enterprise security offerings. Today, Mandiant operates as a distinct brand within Google Cloud, delivering threat intelligence, managed detection and response (MDR), security validation, and incident response services to enterprises worldwide. Its Mandiant Advantage platform aggregates threat intelligence, automates security workflows, and provides actionable insights derived from frontline incident response engagements. The company's intelligence is informed by thousands of breach investigations annually, giving it unparalleled visibility into attacker tactics, techniques, and procedures (TTPs). While Mandiant is primarily a cybersecurity company rather than an AdTech firm, its relevance to the advertising technology ecosystem lies in its ad-fraud detection capabilities, brand safety intelligence, and threat research that helps digital advertisers and publishers protect their ecosystems from malicious actors, bot networks, and fraudulent traffic schemes. Its integration with Google Cloud further amplifies its reach across the digital advertising supply chain.

Business model

SaaS + Professional Services

Target market

Enterprise

What they offer

  • Mandiant Advantage Threat Intelligence

    Comprehensive threat intelligence platform providing real-time data on threat actors, malware, and vulnerabilities sourced from frontline investigations.

  • Mandiant Advantage Attack Surface Management

    Continuously discovers and monitors an organization's external attack surface to identify exposures before attackers can exploit them.

  • Mandiant Advantage Security Validation

    Automated security control validation that tests defenses against real-world threat scenarios to identify gaps.

  • Mandiant Managed Defense

    Managed detection and response (MDR) service combining expert analysts with advanced technology for 24/7 threat monitoring and response.

  • Incident Response Services

    Elite incident response consulting for organizations experiencing active breaches or seeking to improve their response readiness.

  • Mandiant Academy

    Cybersecurity training and certification programs covering threat intelligence, incident response, and red team operations.

Key features

Nation-state and APT actor tracking across hundreds of threat groupsFrontline intelligence derived from thousands of annual breach investigationsAutomated security control validation against real-world TTPsManaged detection and response with expert analyst supportAttack surface management and exposure discoveryIntegration with Google Cloud Security ecosystemThreat intelligence API for SIEM and SOAR integrationAd-fraud and malicious traffic detection capabilities

Use cases

Enterprise incident response and breach investigationThreat intelligence enrichment for SOC and security operationsSecurity control validation and red team simulationAd-fraud detection and digital advertising ecosystem protectionNation-state threat monitoring for critical infrastructureManaged detection and response for under-resourced security teamsVulnerability prioritization based on active exploitation intelligenceThird-party risk and supply chain threat assessment

Customer segments

Large enterprises and Fortune 500 companiesGovernment and defense agenciesFinancial services institutionsHealthcare organizationsCritical infrastructure operatorsDigital advertising platforms and publishersTechnology companiesManaged security service providers (MSSPs)

Tech & specs

Technology stack

Google Cloud PlatformMachine learning and AI-driven threat detectionSTIX/TAXII threat intelligence sharing standardsREST APIs for intelligence integrationSIEM and SOAR integrationsEndpoint detection and response (EDR) technologiesThreat graph and entity relationship mapping

Security & compliance

SOC 2 Type IIISO 27001FedRAMPGDPRCCPA

Deployment

CloudHybridOn-premise

API

Yes

Corporate history
  • 2004Founded
Connection details

Explore further

2 views
On the Mapby country + regionOn the GraphNetwork around Mandiant