ALEXANDRIA, Va.--(BUSINESS WIRE)--Mandiant®, the leader in security incident response management, today announced the general availability of Mandiant for Security Operations, enabling security teams to detect, analyze and resolve security incidents in a fraction of the time traditionally required using conventional approaches.
“Mandiant for Security Operations is the first and only solution that can automatically investigate endpoints for Indicators of Compromise (IOC) based on alerts generated in network security solutions, SIEMs and log management applications,” said Mandiant’s Chief Technology Officer, Dave Merkel. “Users receive all the information they need to make accurate decisions about suspected incidents and stop advanced attackers before they steal sensitive data.”
An appliance-based product with a lightweight agent, Mandiant for Security Operations shrinks the time to resolve security incidents by connecting network events to specific threats that reside on endpoints. It does so by performing the following tasks:
- Searching for Advanced Attackers & the APT. Host-based Indicators of Compromise (IOCs) provided by Mandiant identify known threats based on proprietary intelligence; users can also create their own IOCs to look for compromised endpoints.
- Accelerating Triage of Suspected Incidents. Automatic collection of evidence from endpoints and integration with SIEM solutions provides security analysts with pre-staged information about endpoints within the context of their existing workflow.
- Finding Out What Happened without Forensics. Agents deployed to endpoints continuously monitor and record key events to establish a timeline for suspected incidents by correlating current alerts with past events.
- Immediately Detecting Compromised Devices. Instant notifications alert users when an IOC identifies a compromised device, eliminating the need for security teams to perform additional analysis to determine whether the alerts are valid.
- Eliminating Blind Spots. Innovative Agent Anywhere™ technology works through network address translation (NAT) and across public networks to monitor the endpoints your network detection products can’t see, ensuring all endpoints in the organization are covered.
- Searching for the Most Dangerous Threats. Integrates with advanced malware detection and other devices monitoring your perimeter so you can identify the most dangerous threats of all – those that are already present on your network.
- Containing Endpoints. Take non-destructive action to isolate compromised devices and deny attackers access to systems while still allowing remote investigation.
Mandiant for Security Operations is compatible with all SIEM solutions using the Common Event Format (CEF). In addition, technical partnerships with FireEye and Palo Alto Networks guarantee pre-configured and certified interoperability with those companies’ network-based solutions.
Mandiant announced Mandiant for Security Operations at the 2013 RSA Conference in San Francisco, CA. More information about Mandiant for Security Operations can be accessed on the website at: https://www.mandiant.com/products/mandiant-platform/security-operations.
Mandiant is the leader in security incident response management. Headquartered in Alexandria, Virginia, with offices in New York, Los Angeles, San Francisco and Reston, Virginia, Mandiant provides products, professional services and education to Fortune 500 companies, financial institutions, government agencies, domestic and foreign police departments and the world’s leading law firms. The authors of 12 books and quoted frequently by leading media organizations, Mandiant security consultants and engineers hold top government security clearances and certifications and advanced degrees from some of the most prestigious computer science universities. To learn more about Mandiant visit www.mandiant.com, read the company blog, M-unition™ http://blog.mandiant.com, follow on Twitter @Mandiant or Facebook at www.facebook.com/mandiantcorp.