Praetorian vs Mandiant (part of Google Cloud)
Praetorian
Founded in 2010 by Nathan Sportsman and headquartered in Austin, Texas, Praetorian positions itself around 'continuous offensive security.' It pairs traditional consulting with Chariot, a platform combining external attack-surface management, continuous testing, and AI-driven workflow automation to surface exploitable issues on an ongoing basis.
Pros
- Chariot supports continuous, year-round testing rather than annual point-in-time pentests
- Strong engineering culture with mature internal tooling and automation
- Bootstrap-grown firm with stable leadership and long consultant tenure
- Service model designed to satisfy annual testing requirements across multiple frameworks in one program
Cons
- Chariot subscription pricing is enterprise-tier with no public price list
- Primarily U.S.-based delivery with a smaller international footprint
- Continuous-testing model is a poor fit for buyers needing only a single compliance pentest
Pricing: Custom (contact sales)
Mandiant (part of Google Cloud)
Founded in 2004 by Kevin Mandia, Mandiant built a global reputation responding to the world's most high-profile breaches. After acquisition by FireEye in 2013 and by Google for ~$5.4B in 2022, the firm retained its brand and now operates inside Google Cloud as a specialist consultancy for incident response, threat intelligence, and offensive security.
Pros
- Frontline visibility into nation-state and ransomware intrusions through real IR casework
- Deep threat intelligence backed by APT group tracking (APT1, APT28, APT41)
- Backed by Google Cloud scale, telemetry, and engineering resources
- Brand recognition that satisfies board and regulator expectations after a breach
Cons
- Premium enterprise pricing with bespoke engagements and no public price list
- Lead times can be long outside an active retainer relationship
- Brand and roadmap increasingly tied to Google Cloud's strategic priorities
Pricing: Custom (contact sales)