From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

IndustryInformation security
FounderKevin Mandia
HeadquartersAlexandria, Virginia
Key people
Kevin Mandia, CEO
Richard Bejtlich, CSO
RevenueIncrease US$100 million (2012)
Number of employees
300 (2013)
ParentFireEye, Inc.

Mandiant is an American cybersecurity firm. It rose to prominence in February 2013 when it released a report directly implicating China in cyber espionage.[1] On December 30, 2013, Mandiant was acquired by FireEye in a stock and cash deal worth in excess of $1 billion.[2]


Kevin Mandia, a former United States Air Force officer who serves as the company's chief executive officer, founded Mandiant as Red Cliff Consulting in 2004 prior to rebranding in 2006.[3] In 2011, Mandiant received funding from Kleiner Perkins Caufield & Byers to expand its staff and grow its business-to-business operations. Mandiant provides incident response and general security consulting along with incident management products to major global organizations, governments, and Fortune 100 companies. Its 2012 revenues were over $100 million, up 76% from 2011.[4] The company was acquired by FireEye on December 30, 2013.[5] Mandiant was awarded both the 2012 and 2013 SC Award for exemplary professional leadership in information-technology (IT) security.[6] Mandiant is the creator of OpenIOC (Open Indicators of Compromise), an extensible XML schema for the description of technical characteristics that identify threats, attackers' methodologies, and evidence of compromise.

APT1 espionage report[edit]

On February 18, 2013, Mandiant released a report[7] documenting evidence of cyber attacks by the People's Liberation Army (specifically Pudong-based PLA Unit 61398[8]) targeting at least 141 organizations in the United States and other English-speaking countries extending as far back as 2006.[9] In the report, Mandiant refers to the espionage unit as APT1.[10] The report states that it is likely that Unit 61398 is the source of the attacks. A video was uploaded to YouTube demonstrating one such intrusion by APT.[11]


  1. ^ "Mandiant Intelligence Center Report". 2013. Retrieved January 5, 2016.
  2. ^ Nicole Perlroth and David E. Sanger (January 2, 2014). "FireEye Computer Security Firm Acquires Mandiant". New York Times. Retrieved January 5, 2016.
  3. ^ "MANDIANT, A New Name for a Fast Growing Company; Red Cliff Consulting LLC Rebrands as Firm Offers Expanded Services, Education and Software Tools". Business Wire. February 14, 2006. Retrieved January 5, 2016.
  4. ^ Brad Stone and Michael Riley (February 7, 2013). "Mandiant, the Go-To Security Firm for Cyber-Espionage Attacks". Bloomberg Business. Retrieved January 5, 2016.
  5. ^ "FireEye Announces Acquisition of Mandiant". 2014. Retrieved January 5, 2016.
  6. ^ "SC Magazine Names Mandiant® the 2013 Professional Award Winner for Best Security Company". March 5, 2013. Archived from the original on June 21, 2013. Retrieved January 5, 2016.
  7. ^ "APT1: Exposing One of China's Cyber Espionage Units" (PDF). February 18, 2013. Retrieved March 15, 2017.
  8. ^ Xu Weiwei (February 20, 2013). "China denies hacking claims". Morning Whistle. Archived from the original on June 29, 2013. Retrieved January 5, 2016.
  9. ^ David E. Sanger, David Barboza and Nicole Perlroth (February 18, 2013). "Chinese Army Unit Is Seen as Tied to Hacking Against U.S." New York Times. Retrieved January 5, 2016.
  10. ^ William Wan and Ellen Nakashima (February 19, 2013). "Report ties cyberattacks on U.S. computers to Chinese military". Washington Post. Retrieved January 5, 2016.
  11. ^ APT1: Exposing One of China's Cyber Espionage Units on YouTube

External links[edit]