Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

5/16/2011
03:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Mandiant Launches Tool For Detecting, Responding To Targeted Attacks

MIR 2.0 features powerful, host-based incident response capabilities for enterprise organizations

ORLANDO, (CEIC Booth 706), May 16, 2011 - MANDIANT, the leader in incident response and computer forensics solutions and services, today announced the release of MANDIANT Intelligent Response' (MIR) v.2.0. MIR 2.0 features powerful, host-based incident response capabilities for enterprise organizations.

"The evolution of today's advanced attacks has outpaced the efficacy of security safeguards. It is no longer acceptable for any organization to exclusively rely on preventive measures," said MANDIANT Chief Executive Officer Kevin Mandia. "MIR 2.0 extends far beyond traditional threat detection products to protect enterprise assets and tackle unpredictable events with confidence."

Intelligent Response dramatically lowers risk by decreasing response time after a breach and ensuring that every host compromised in an attack is found. Security teams can respond remotely to any host in their environment - in minutes rather than hours, reducing an attacker's window of opportunity and speeding the organization's return to normal business operations.

MIR 2.0 is fueled by Indicators of Compromise (IOCs), XML-based descriptors of malicious activity that allow an organization to sweep tens of thousands of endpoints in search of compromised hosts. IOCs are developed through a combination of external and internal intelligence sources, including MANDIANT-generated intelligence feeds based on years of worldwide, frontline incident response consulting experience. MANDIANT customers all participate in the IOC ecosystem, enabling organizations to benefit from threat intelligence derived from breaches in other environments.

"After evaluating several different products, we determined that MANDIANT Intelligent Response was the best platform available for responding to suspicious activity in our infrastructure," said Chris Koutras, Senior Security Engineer, Depository Trust & Clearing Corporation.

MIR 2.0 features and benefits include:

Rapid live response through pre-deployed agents delivers remote forensic access to any system, and on-host analysis enables full investigation over slower WAN links without waiting for memory or disk image downloads.

Security-focused hybrid disk/memory forensics delivering insightful analysis impossible to achieve with conventional tools.

Targeted data acquisition featuring powerful filtering capabilities within the agent, returning only the most critical data needed and delivering answers to forensic questions from thousands of hosts at a time.

Guided analysis using MANDIANT RedlineTM to rapidly triage hosts for malware.

"In today's climate of quick-strike and undetected sleeper breaches, security teams are more under the gun than ever to exercise rapid response capabilities, minimize risk exposure and execute incident response best practices," said Andrew Hay, Senior Security Analyst of The 451 Group's Enterprise Security Practice. "Comparatively, the performance and effectiveness of traditional preventive security measures are increasingly being called into question, elevating demand for remediation and forensics tools like MANDIANT Intelligent Response."

About DTCC

DTCC, through its subsidiaries, provides clearance, money settlement and information services for equities, corporate and municipal bonds, government and mortgage-backed securities, money market instruments and over-the-counter derivatives.

About MANDIANT

MANDIANT is the information security industry's leading provider of incident response and computer forensics solutions and services. Headquartered in Alexandria, Va., with offices in New York, Los Angeles and San Francisco, MANDIANT provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and leading U.S. law firms. MANDIANT comprises one of the industry's largest incident response and forensics forces. The authors of nine books, and quoted frequently by leading media organizations, MANDIANT security consultants and engineers hold top government security clearances and certifications and advanced degrees from some of the most prestigious computer science universities. To learn more about MANDIANT visit www.mandiant.com, read the company blog, M-Unition, follow on Twitter @MANDIANT or on Facebook .

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20934
PUBLISHED: 2020-11-28
An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c.
CVE-2020-29368
PUBLISHED: 2020-11-28
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-29369
PUBLISHED: 2020-11-28
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
CVE-2020-29370
PUBLISHED: 2020-11-28
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-29371
PUBLISHED: 2020-11-28
An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.