We're changing our name.
Verodin is now Mandiant Security Validation. Click here to learn more.

Threat Actor Assurance Module (TAAM)

Test your controls against real threat actors.

As Featured In:
Integrate Threat Intel
Seamlessly integrate with leading third-party threat intelligence platforms to produce data.
Populate Library
Generate a detailed library of known threat actors, how they operate, and run evaluations and sequences.
Test & Evaluate
Safely and continuously perform tests in your own environment to protect against known threat actors.

Enhanced Defense

Make the latest threat intelligence actionable.

The world is under near constant attack from cyber criminals, state-sponsored actors, and other entities that have the potential to impact the safety and security of your organization. With TAAM, you control whether or not you are prepared to meet today’s most formidable cyber adversaries.

Mitre Ebook Cover

Take Security Validation to the next level with Threat Actor Assurance Module (TAAM).

Enhanced Defense

Information is automatically retrieved and collected, with consolidated actor profiles.


Tactics, techniques, and procedures are mapped to the MITRE ATT&CK Framework.

Perform Tests

Security defenses are tested with the same behaviors used by your adversaries.

Present Results

Gain an accurate understanding of which threat actor groups could compromise your organization.

Get a demo to see Threat Actor Assurance Module in action and level up your Security Instrumentation Platform (SIP).
See a TAAM Demo

Welcome to the Threat Actor Assurance Module (TAAM)

This award-winning product is a supplemental module for the Security Instrumentation Platform. TAAM allows your organization to proactively leverage existing threat intelligence and validate security posture against specific threat actors.


Visualize security controls performance against real threat actors.

The TAAM dashboard provides a visualization of how your security controls perform against various Threat Actors. Each panel is populated based on the results of actions that have been run.

All users can resize, move panels, and update panel options and dates. Admins can update the default, system-wide dashboard, and organize panels as they see fit.

01 / 04

Tactics Radar

See MITRE ATT&CK Results

Click to Expand

02 / 04

Controls Panel

Continuous Testing Over Time

Click to Expand

03 / 04

Readiness Panel

Threat Actor Defense Results

Click to Expand

04 / 04

Trending Block Rate

Detailed Controls Performance

Click to Expand


Connect to third-party threat intelligence platforms.

By default these sync every 24 hours - you can have them paused, change the frequency of the sync. The information coming in is slightly different based on what’s available.

Threat Intelligence Integration Partners / Compatibility:

Threat Actor Library

Populate your library with a selection of known threat actors.

Threat actor library is populated by retrieving information from your Threat Intelligence Integration Platforms (TIPs) or by manually creating a Threat Actor Profile.

Information for each threat actor is consolidated into unique threat actor profiles, including: threat actor tactics, techniques, procedures, aliases.

Threat Actor Profiles

Understand your adversaries in actionable terms.

From a threat actor profile, you can run evaluations and sequences that are related to that threat actor and jump to the most recent job results.

Customer Story

A healthcare customer discovered major inconsistencies with their defenses in different parts of their network from attacks by APT41, a dual espionage and criminal threat actor that commonly targets their industry. TAAM allowed them to focus on improving their defenses against this attacker and demonstrate preparedness to their leadership.

Captive IOC

Safely evaluate performance without triggering actual botnets.

Captive IOC (Indicators of Compromise) Actions allow for the safe evaluation of defensive performance related to blocking communication with publicly-routable destination addresses for a Threat Actor, using proxy/nat communication rules between actors.

What's your Threat Actor 2.0 strategy?

Challenged by how to validate your security against today's most advanced threat actors? Our industry experts stand ready to help.

See a TAAM Demo

01 / 04

Tactics Radar Panel

Shows how your security controls are doing in relation to the MITRE ATT&CK tactics. If the block rate is above 75%, the information displayed is green. If below, it is red. This is interactive and you can look deeper into each area.

02 / 04

Controls Panel

Displays a series of bar charts showing the total number of tests run over a period of time. Data for this panel is based on job results for actions.

03 / 04

Threat Actor Defense Panel

Displays how well you are protected against five threat actors, based on MITRE ATT&CK techniques. For a more general view, you can change this list to alphabetical order.

04 / 04

Detailed Controls Performance

This panel allows you to quickly see how well your security controls block actions over a given timeframe. If the block rate is above 75%, the information displayed is green. If below, it is red.

TAAM Demo Request

Fill out the form below and we will get back to you soon to schedule your demo.