Mandiant (part of Google Cloud) vs Praetorian
Mandiant (part of Google Cloud)
Founded in 2004 by Kevin Mandia, Mandiant built a global reputation responding to the world's most high-profile breaches. After acquisition by FireEye in 2013 and by Google for ~$5.4B in 2022, the firm retained its brand and now operates inside Google Cloud as a specialist consultancy for incident response, threat intelligence, and offensive security.
Pros
- Frontline visibility into nation-state and ransomware intrusions through real IR casework
- Deep threat intelligence backed by APT group tracking (APT1, APT28, APT41)
- Backed by Google Cloud scale, telemetry, and engineering resources
- Brand recognition that satisfies board and regulator expectations after a breach
Cons
- Premium enterprise pricing with bespoke engagements and no public price list
- Lead times can be long outside an active retainer relationship
- Brand and roadmap increasingly tied to Google Cloud's strategic priorities
Pricing: Custom (contact sales)
Praetorian
Founded in 2010 by Nathan Sportsman and headquartered in Austin, Texas, Praetorian positions itself around 'continuous offensive security.' It pairs traditional consulting with Chariot, a platform combining external attack-surface management, continuous testing, and AI-driven workflow automation to surface exploitable issues on an ongoing basis.
Pros
- Chariot supports continuous, year-round testing rather than annual point-in-time pentests
- Strong engineering culture with mature internal tooling and automation
- Bootstrap-grown firm with stable leadership and long consultant tenure
- Service model designed to satisfy annual testing requirements across multiple frameworks in one program
Cons
- Chariot subscription pricing is enterprise-tier with no public list
- Primarily U.S.-based delivery with a smaller international footprint
- Continuous-testing model is a poor fit for buyers needing only a single compliance pentest
Pricing: Custom (contact sales)