ALEXANDRIA, Va.--(EON: Enhanced Online News)--Mandiant, the leader in advanced threat detection and response solutions, today announced enhanced capabilities for its MCIRT Managed Defense solution. The new capabilities detect advanced attackers more rapidly and search for the latest tactics and attack vectors used by the Advanced Persistent Threat (APT), organized crime and other attack groups. Whether it is a spear phishing e-mail, command and control activity or attackers logging into your VPN with stolen user credentials, Mandiant’s MCIRT Managed Defense solution alerts you, provides context about the specific threat and directs your response.
“There’s no such thing as perfect security”
“There’s no such thing as perfect security,” said Kevin Mandia, CEO of Mandiant. “We respond to dozens of security breaches every day, and we know how attackers evade corporate safeguards. Armed with this knowledge, Mandiant’s MCIRT Managed Defense solution will be your early warning system so you detect, respond, and contain the most advanced attacks.”
New capabilities now available to customers of the MCIRT Managed Defense solution include:
- Advanced Analytics: MCIRT analysts and forensics specialists actively hunt for attackers using techniques that have proven instrumental in identifying compromises by previously unknown tools and tactics. Examples include screening system services, registry run keys, and file system run locations.
- Methodology-Based Threat Sweeps: Ongoing sweeps utilize methodology-based Indicators of Compromise (IOC) that investigate your systems for attackers using Mandiant’s latest proprietary intelligence of attacker methodology and directing investigations to systems that exhibit unusual characteristics.
- Spear Phishing Detection: Network spear phish detection capabilities identify perpetrators’ favorite attack vector for gaining unauthorized access to confidential data so you can detect and kill attacks when they are just beginning.
- Memory-Based Threat Sweeps: Ongoing sweeps using memory-based Indicators of Compromise identify compromised machines faster and shorten the attacker’s window of opportunity for completing their mission.
- Reputation-Based Monitoring: IP-reputation based threat feeds identify non-targeted threats and increase visibility into organized crime activity including botnets and Russian Business Network (RBN) style attacks.
The MCIRT Managed Defense solution provides significant benefits to both organizations that already have advanced incident response teams and to those that lack the resources to identify and respond to sophisticated attacks. Some of the specific benefits MCIRT customers realize include:
- Reduced Theft of Assets & Intellectual Property: Advanced targeted attacks are identified rapidly, minimizing an organization’s window of exposure.
- Reduced Cost of Responding to Computer Breaches: Organizations can confirm the true scope of an incident, respond immediately and reduce the need for expensive after-the-fact forensic sleuthing.
- Reduced Disruption to Ongoing Operations: Mandiant precisely identifies the specific devices that are compromised so unaffected employees and processes stay online and are not unnecessarily disrupted by containment and remediation activities.
- Reduced Reputational Risk: Organizations are better prepared to identify and contain attacks before they must disclose them to customers, partners and regulators.
“The tools used to invade networks and steal digital assets are changing day by day, yet attacker methodologies are evolving more slowly,” said Yanek Korff, vice president of MCIRT at Mandiant. “Incident response must be a 24/7 function and it must continually evolve to keep intruders at bay. Our MCIRT Managed Defense solution codifies our specialists’ intelligence on the latest tactics advanced attackers are using and proactively hunts for attackers that have already bypassed your preventive defenses.”
For more information about Mandiant’s MCIRT Managed Defense solution you can visit the solution overview on Mandiant’s web site, download the datasheet or view the on-demand webcast at http://www.mandiant.com/events/webinar/tools-of-engagement062712 which highlights the solution.
Mandiant is the leader in advanced threat detection and response solutions. Mandiant’s products and services protect the world’s most valuable data every day from targeted attacks. Headquartered in Alexandria, Virginia, with offices in New York, Los Angeles and San Francisco, Mandiant’s customers include Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments, and the world’s leading law firms. The authors of 12 books and quoted frequently by leading media organizations, Mandiant security consultants and engineers hold top government security clearances and certifications and advanced degrees from some of the leading computer science universities. To learn more about Mandiant visit www.mandiant.com, read the company blog, M-Unition, follow on Twitter @MANDIANT or Facebook at www.facebook.com/mandiantcorp.