|[February 25, 2013]
Mandiant Equips Security Teams to Find and Stop Advanced Attacks When They Are Just Beginning with Launch of New Product Offering
SAN FRANCISCO --(Business Wire)--
Mandiant®, the leader in security incident response
management, today announced the launch of its newest product, Mandiant
for Security Operations. The new release enables security teams to
detect, analyze and resolve security incidents in a fraction of the time
required using conventional approaches. In addition to identifying
compromised devices using Mandiant's proprietary intelligence, Mandiant
for Security Operations helps security teams triage suspected incidents
faster. It is the first and only solution that can automatically
investigate endpoints for Indicators of Compromise (IOC) based on alerts
generated in network security solutions, SIEMs and log management
applications. Users receive the information they need, when they need
it, to make rapid, accurate decisions about suspected incidents so they
can stop the most critical attacks in their tracks.
"Organizations spend millions of dollars to build secure networks to
keep would-be attackers at bay. Despite these investments, determined
attackers continue to routinely compromise well-secured organizations
and steal their intellectual property and financial assets," said
Mandiant's Chief Technology Officer, Dave Merkel. "Mandiant for Security
Operations allows front-line security analysts to make better and faster
decisions about suspected security incidents, identify and stop targeted
attacks when they begin and ensure efforts are focused on the most
Mandiant for Security Operations is an appliance-based solution that
utilizes a lightweight agent deployed on endpoints to perform the
Search for Advanced Attackers & the APT (News - Alert).
Host-based Detection Indicators of Compromise (IOCs) provided by
Mandiant identify known threats based on proprietary intelligence;
users can also create their own IOCs to look for compromised
Accelerate Triage of Suspected Incidents. Automatic collection
of evidencefrom endpoints and integration with SIEM solutions
provides security analysts with pre-staged information about endpoints
within the context of their existing workflow.
Find Out What Happened, without Forensics. Agents deployed to
endpoints continuously monitor and record key events to establish a
timeline for suspected incidents by correlating alerts with past
Immediately Detect Compromised Devices. Instantly notifies
users when a Detection IOC identifies a compromised device,
eliminating the need for security teams to perform additional analysis
to determine if they are valid.
Eliminate Blind Spots. Innovative Agent Anywhere™ technology
works through network address translation (NATs) and across public
networks to monitor the endpoints your network detection products
can't see and ensure all endpoints in the organization are covered.
Search for the Most Dangerous Threats. Integrates with advanced
malware detection and other devices monitoring your perimeter so you
can identify the most dangerous threats of all - those that are
already present on your network.
Contain Endpoints. Take non-destructive action to isolate
compromised devices and deny attackers access to systems while still
allowing remote investigation.
Mandiant for Security Operations is compatible with all SIEM solutions
using the Common Event Format (CEF). In addition, technical partnerships
with FireEye (News - Alert) and Palo Alto Networks guarantee pre-configured and
certified interoperability with those companies' network-based solutions.
Mandiant will be conducting demonstrations of this new product in Booth
#2439 at RSA (News - Alert) Conference 2013 in San Francisco. More information about
Mandiant for Security Operations can be accessed online at www.mandiant.com/products.
Mandiant is the leader in security incident response management.
Headquartered in Alexandria, Virginia, with offices in New York, Los
Angeles, San Francisco and Reston, Virginia, Mandiant provides products,
professional services and education to Fortune 500 companies, financial
institutions, government agencies, domestic and foreign police
departments and the world's leading law firms. The authors of 12 books
and quoted frequently by leading media organizations, Mandiant security
consultants and engineers hold top government security clearances and
certifications and advanced degrees from some of the most prestigious
computer science universities. To learn more about Mandiant visit www.mandiant.com,
read the company blog, M-unition™ http://blog.mandiant.com,
follow on Twitter (News - Alert) @Mandiant
or Facebook (News - Alert) at www.facebook.com/mandiantcorp.
[ Back To Technology News's Homepage ]