Mandiant

Subsidiary

Mandiant delivers unmatched threat intelligence and incident response expertise drawn from frontline breach investigations, enabling organizations to detect, respond to, and proactively defend against sophisticated cyber threats.

mandiant.comMilpitas, California, United StatesFounded 2004

Last updated May 3, 2026 by AI Enrichment

Industry: Cybersecurity / Threat Intelligence
Business Model: SaaS + Professional Services
Target Market: Enterprise
Employee Count: 1001-5000
Funding: Acquired by Google for $5.4B
Revenue Range: $500M-$1B
Parent Company: Google (Alphabet Inc.)
API Available: Yes

Market Position

A top-tier cybersecurity intelligence and incident response provider, widely regarded as the gold standard for threat intelligence and breach investigation, now operating under Google Cloud Security.

Overview

Mandiant is one of the most respected names in cybersecurity, renowned for its elite threat intelligence capabilities, incident response services, and deep expertise in nation-state and advanced persistent threat (APT) actor tracking. Originally founded as a standalone security firm, Mandiant gained global recognition after publishing its landmark 2013 APT1 report exposing Chinese cyber-espionage operations. The company became part of FireEye in 2014, and in October 2021, it divested the FireEye product business to Symphony Technology Group for $1.2 billion, rebranding the remaining intelligence and services business back to Mandiant. Google acquired Mandiant in March 2022 for approximately $5.4 billion, integrating it into Google Cloud Security to bolster its enterprise security offerings. Today, Mandiant operates as a distinct brand within Google Cloud, delivering threat intelligence, managed detection and response (MDR), security validation, and incident response services to enterprises worldwide. Its Mandiant Advantage platform aggregates threat intelligence, automates security workflows, and provides actionable insights derived from frontline incident response engagements. The company's intelligence is informed by thousands of breach investigations annually, giving it unparalleled visibility into attacker tactics, techniques, and procedures (TTPs). While Mandiant is primarily a cybersecurity company rather than an AdTech firm, its relevance to the advertising technology ecosystem lies in its ad-fraud detection capabilities, brand safety intelligence, and threat research that helps digital advertisers and publishers protect their ecosystems from malicious actors, bot networks, and fraudulent traffic schemes. Its integration with Google Cloud further amplifies its reach across the digital advertising supply chain.

Products & Features

Mandiant Advantage Threat Intelligence

Comprehensive threat intelligence platform providing real-time data on threat actors, malware, and vulnerabilities sourced from frontline investigations.

Mandiant Advantage Attack Surface Management

Continuously discovers and monitors an organization's external attack surface to identify exposures before attackers can exploit them.

Mandiant Advantage Security Validation

Automated security control validation that tests defenses against real-world threat scenarios to identify gaps.

Mandiant Managed Defense

Managed detection and response (MDR) service combining expert analysts with advanced technology for 24/7 threat monitoring and response.

Incident Response Services

Elite incident response consulting for organizations experiencing active breaches or seeking to improve their response readiness.

Mandiant Academy

Cybersecurity training and certification programs covering threat intelligence, incident response, and red team operations.

Key Features

Nation-state and APT actor tracking across hundreds of threat groupsFrontline intelligence derived from thousands of annual breach investigationsAutomated security control validation against real-world TTPsManaged detection and response with expert analyst supportAttack surface management and exposure discoveryIntegration with Google Cloud Security ecosystemThreat intelligence API for SIEM and SOAR integrationAd-fraud and malicious traffic detection capabilities

Use Cases

Enterprise incident response and breach investigationThreat intelligence enrichment for SOC and security operationsSecurity control validation and red team simulationAd-fraud detection and digital advertising ecosystem protectionNation-state threat monitoring for critical infrastructureManaged detection and response for under-resourced security teamsVulnerability prioritization based on active exploitation intelligenceThird-party risk and supply chain threat assessment

Customer Segments

Large enterprises and Fortune 500 companiesGovernment and defense agenciesFinancial services institutionsHealthcare organizationsCritical infrastructure operatorsDigital advertising platforms and publishersTechnology companiesManaged security service providers (MSSPs)

Connections