MIR 2.0 features powerful, host-based incident response capabilities for enterprise organizations

May 17, 2011



ORLANDO, (CEIC Booth 706), May 16, 2011 - MANDIANT, the leader in incident response and computer forensics solutions and services, today announced the release of MANDIANT Intelligent Response (MIR) v.2.0. MIR 2.0 features powerful, host-based incident response capabilities for enterprise organizations.

"The evolution of today's advanced attacks has outpaced the efficacy of security safeguards. It is no longer acceptable for any organization to exclusively rely on preventive measures," said MANDIANT Chief Executive Officer Kevin Mandia. "MIR 2.0 extends far beyond traditional threat detection products to protect enterprise assets and tackle unpredictable events with confidence."

Intelligent Response dramatically lowers risk by decreasing response time after a breach and ensuring that every host compromised in an attack is found. Security teams can respond remotely to any host in their environment - in minutes rather than hours, reducing an attacker's window of opportunity and speeding the organization's return to normal business operations.

MIR 2.0 is fueled by Indicators of Compromise (IOCs), XML-based descriptors of malicious activity that allow an organization to sweep tens of thousands of endpoints in search of compromised hosts. IOCs are developed through a combination of external and internal intelligence sources, including MANDIANT-generated intelligence feeds based on years of worldwide, frontline incident response consulting experience. MANDIANT customers all participate in the IOC ecosystem, enabling organizations to benefit from threat intelligence derived from breaches in other environments.

"After evaluating several different products, we determined that MANDIANT Intelligent Response was the best platform available for responding to suspicious activity in our infrastructure," said Chris Koutras, Senior Security Engineer, Depository Trust & Clearing Corporation.

MIR 2.0 features and benefits include:

Rapid live response through pre-deployed agents delivers remote forensic access to any system, and on-host analysis enables full investigation over slower WAN links without waiting for memory or disk image downloads.

Security-focused hybrid disk/memory forensics delivering insightful analysis impossible to achieve with conventional tools.

Targeted data acquisition featuring powerful filtering capabilities within the agent, returning only the most critical data needed and delivering answers to forensic questions from thousands of hosts at a time.

Guided analysis using MANDIANT Redline™ to rapidly triage hosts for malware.

"In today's climate of quick-strike and undetected sleeper breaches, security teams are more under the gun than ever to exercise rapid response capabilities, minimize risk exposure and execute incident response best practices," said Andrew Hay, Senior Security Analyst of The 451 Group's Enterprise Security Practice. "Comparatively, the performance and effectiveness of traditional preventive security measures are increasingly being called into question, elevating demand for remediation and forensics tools like MANDIANT Intelligent Response."

About DTCC

DTCC, through its subsidiaries, provides clearance, money settlement and information services for equities, corporate and municipal bonds, government and mortgage-backed securities, money market instruments and over-the-counter derivatives.


MANDIANT is the information security industry's leading provider of incident response and computer forensics solutions and services. Headquartered in Alexandria, Va., with offices in New York, Los Angeles and San Francisco, MANDIANT provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and leading U.S. law firms. MANDIANT comprises one of the industry's largest incident response and forensics forces. The authors of nine books, and quoted frequently by leading media organizations, MANDIANT security consultants and engineers hold top government security clearances and certifications and advanced degrees from some of the most prestigious computer science universities. To learn more about MANDIANT visit www.mandiant.com, read the company blog, M-Unition, follow on Twitter @MANDIANT or on Facebook.
