Mandiant Security Validation (MSV) is an automated and continuous approach to testing the efficacy of an organization's security controls against cyber threats. Security Validation is informed by timely threat intelligence and executes automated and continuous testing of security controls with the use of real attacks.
Effective security requires more than just implementing controls. Understanding their real-world effectiveness is crucial for protecting your organization from cyber threats. Mandiant Security Validation tackles this challenge by providing a comprehensive solution to test and evaluate your security posture.
Baseline Testing provides a starting point for measuring the effectiveness of your security controls. Baselines are essential for creating a repeatable process to generate large scale metrics used to measure trends and get a deeper understanding of your security posture.
Implementing Baseline Testing
Identifying actions from the Action Library to add to your baseline evaluation can be one of the hardest parts. Some users are not sure where to start, while others get overwhelmed by the 7000+ actions available within the library. We’ve included some guidelines below to help you create your own baseline evaluation:
Baseline testing is the initial step in understanding your security posture. It involves identifying critical assets, analyzing the security controls in place, and conducting tests to measure their effectiveness against common attack scenarios. The focus of baseline testing should be on understanding your current security posture and identifying gaps instead of immediately remediating or re-configuring security controls.
Special thanks to @nathanael_s for the idea.