Software facilitates incident response management.

Press Release Summary:



Designed to manage computer security incidents, MANDIANT Intelligent Response (MIR) v1.0 accelerates collection of electronic evidence in support of incident response, electronic evidence discovery, and corporate investigations. It enables data collection and analysis in scalable, multi-tier, appliance-based solution with modular framework that allows accelerated deployment before/during incident. It also allows collective report creation and editing.



Original Press Release:



MANDIANT Launches Industry's First Enterprise-Grade Incident Response Solution at DEMO 08



MANDIANT Intelligent Response Manages Computer Security Incidents

PALM DESERT, Calif. and ALEXANDRIA, Va., Jan. 28 -- MANDIANT, an elite provider of incident response services and solutions, today released MANDIANT Intelligent Response (MIR) 1.0, the industry's first enterprise-grade incident response management solution that accelerates the collection of electronic evidence in support of incident response, electronic evidence discovery (EED) and corporate investigations.

"Security breaches and EED requests consume tremendous resources, particularly across an organization with thousands of geographically dispersed users and assets," said Kevin Mandia, President and CEO of MANDIANT. "Over the years, our professional services team has helped hundreds of Fortune 500 companies and government agencies respond to security incidents. With the launch of MIR 1.0, we are now leveraging our extensive experience into a fully automated rapid evidence discovery platform that will initially enable security professionals to more effectively manage the incident response lifecycle."

MIR 1.0 enables precise data collection and advanced data analysis in a scalable, multi-tier, appliance-based solution.

"MANDIANT Intelligent Response can change the negative perception associated with rapid evidence discovery by providing a unique collaborative environment that enables remote identification, collection, analysis and reporting of electronic evidence," said Charles Kolodgy, research analyst at IDC. "By fostering precision collection, organizations can avoid gathering incorrect or incomplete data and wasting critical moments when responding to time-sensitive matters."

Additional MIR 1.0 features and benefits include:

Precision-strike data identification and collection

MIR 1.0's modular framework allows rapid deployment before or during an incident. Geographically dispersed analysts can initiate widespread data searches across normal, deleted and hidden files to identify host and network- level indicators of compromise.

Advanced data analytics

A centralized data store and workspace allows investigators to search collected data for keywords; perform relational analysis on acquired data; sort, filter and annotate case notes on the fly; compare against known hashes; normalize timestamps; construct event timelines; and compare and contrast collected data.

Report creation functionality

MIR 1.0 allows multiple investigators in various locations to collectively create and edit reports and link those reports directly to underlying data, analyses and annotations.

Open standards & technologies

MIR 1.0 embraces open standards to enable rapid integration into existing information security infrastructure and strengthen the viability of MIR- collected evidence in legal proceedings. MIR 1.0 employs the Advanced Forensics Format (AFF) to store disk images and associated metadata.

Enterprise integration

MIR 1.0 was designed to benefit large-scale enterprises and integrates with many existing enterprise management technologies. The agent's flexible installation options enable rapid deployment to one or 10,000 assets via existing software deployment infrastructure.

"Even with all the malware prevention and detection tools at work today, bad things still happen to good IT infrastructure. And when they do, systems and data managers have to scramble to find and resolve the security breach," said Chris Shipley, executive producer of DEMO 08. "With the mantra 'find evil, solve crime,' MANDIANT brings calm and clarity to the process of detecting and resolving security issues. MANDIANT Intelligent Response is the missing piece in an ecosystem of incident response and should become a part of every network management suite."

For more information about MANDIANT Intelligent Response, visit www.mandiant.com or visit MANDIANT at DEMO Pavilion #75.

About DEMO

Produced by Network World Events and Executive Forums, the semi-annual DEMO conferences focus on emerging technologies and new products, which are hand-selected from across the spectrum of the technology marketplace. The DEMO conferences have earned their reputation for consistently identifying tomorrow's cutting-edge technologies, and have served as launch pad events for companies such as Palm, E*Trade, Handspring, and U.S. Robotics, helping them to secure venture funding, establish critical business relationships, and influence early adopters. Each DEMO conference features approximately 70 new companies, products and technologies. For more information, visit www.demo.com.

About MANDIANT

MANDIANT is an information security company providing professional services, education and software to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and several of the U.S.'s leading law firms. MANDIANT security consultants are acknowledged experts in incident response, computer forensics, network security and application security. In addition to authoring nine books and numerous articles about computer forensics, incident response and rootkits, MANDIANT's consultants have been featured on news programs including CBS's 60 Minutes, CNN's Talkback Live, NBC News and FOX News. MANDIANT operates offices in the Washington, DC area and New York City. For more information about MANDIANT visit www.mandiant.com.

CONTACT: Anne M. Mroczynski of MANDIANT, +1-703-683-3141, anne.mroczynski@mandiant.com; or Michelle Schafer of Merritt Group Inc., +1-703-403-6377, Schafer@merrittgrp.com, for MANDIANT

All Topics