Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
IR for the Enterprise
Mandiant's new incident response appliance carries a big price tag, but comes with heavy-duty features
2 Min Read
4:55 PM -- Mandiant's new Mandiant Intelligent Response (MIR) 1.0 product is targeted at large enterprises that need a centralized mechanism to perform incident response (IR) as part of a security breach or e-discovery process. MIR -- which came out this week -- is basically a hardware appliance that collects information from agents running on endpoints, analyzes that data, and serves it up in a user-friendly console for security analysts to quickly perform triage and prevent further damage to the network.
But are enterprises ready to swallow the $86,500 price tag to get a jumpstart on the IR and e-discovery process? That depends on how damaging a sensitive data breach could become if it isn’t immediately detected. It also depends on whether the enterprise has the means to collect the evidence necessary to identify which systems and data were affected
The fact that MIR is an all-in-one hardware appliance is definitely a plus. Being able to purchase it, drop it in the network, deploy the agents, and start responding to incidents or conducting e-discovery keyword searches is going to be very appealing to many companies that don't want to roll their own solutions, or that have found existing enterprise IR tools lacking.
The company behind MIR also sports a repertoire of talent that leads me to believe they know what they’re doing. Mandiant is headed by Kevin Mandia, probably the most well-known name in the history of incident response. Research and development has names like Jamie Butler (rootkit research), Kris Kendall (original coauthor of forensic tool foremost), and Nick Harbour (author of forensic tool dcfldd).
If bad press isn't enough of an impetus for enterprises to prepare and respond to incidents quickly, the regulatory and legislative notification requirements to users impacted by data breaches is reason enough to look at MIR. Sure, it's pricey up front, but it could end up saving you money in the long run.
– John H. Sawyer is a security geek on the IT Security Team at the University of Florida. He enjoys taking long war walks on the beach and riding pwnies. When he's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
