Ransomware Defense Validation (RDV), available for both Mandiant Advantage Security Validation (MA-SV) and Mandiant Security Validation (MSV), delivers a “low touch," safe, and continuous test of whether your security controls can prevent the latest ransomware. It leverages Mandiant’s incident response experience and world-class threat intelligence to provide visibility into your security controls’ ability to alert on or block prevalent ransomware.
Prerequisites
Before you start using RDV, you need to meet the following criteria:
- Actors that are used to run RDV content must be on release 4.12.0.0 or later
- MSV only: The Director must be on release 4.12.0.0 or later
- Have a content pack license and obtain the latest RDV content pack from Content Pack Downloads
- Have exclusions established so that the appropriate files are added to your allow list:
RDV Benefits
RDV for Security Validation allows you to run Jobs with RDV content and present the results of those Jobs in Report Builder using special panels. Once you've met the prerequisites, you gain access to the following features:
- RDV content: Repurposes actual ransomware and controls it so it can be executed safely. Safely leveraging actual ransomware from likely and prevalent attackers enables authentic and accurate testing of your endpoint security controls in your actual production environment.
- RDV panels in Report Builder: Panels in Report Builder that represent summaries and results of any RDV Jobs in a granular fashion. These can also present links to Threat Actors and further details about Ransomware campaigns (MA-SV only).
See Use Security Validation for Ransomware Defense Validation for more information.