Entries filed under 'Incident Response'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
August 7, 2012 8:49 PM By John Bradshaw
August 6, 2012 7:14 PM By Jim Aldridge
Last week at Black Hat, I presented a briefing entitled, "Targeted Intrusion Remediation: Lessons from the Front Lines." During my presentation I made three key points:
July 20, 2012 9:51 PM By Helena Brito
Whether it is training, briefings, the exhibitor hall, or social events, Mandiant is in full effect at this year's Black Hat USA conference. If you're in the middle of packing for Black Hat, make sure to keep up with Mandiant by clicking here, or view the list below:
July 19, 2012 4:20 PM By Ryan Kazanciyan
Mandiant Redline™ and IOC Finder™ collect and parse a huge body of evidence from a running system. In fact, they're based on the same agent software as our flagship Mandiant Intelligent Response® product. During the course of their "audits", these tools conduct comprehensive analysis of the file system (including hashing, time stamps, parsing of PE file structures, and digital signature checks), registry hives, processes in memory, event logs, active network connections, DNS cache contents, web browser history, system restore points, scheduled tasks, prefetch entries, persistence mechanisms, and much more.