Today's threat actors are savvy, sophisticated, and relentless. They target human vulnerabilities in order to slip through your preventive defenses. When they do, Mandiant Intelligent Response® (MIR®) is the tool that gives your team a decisive advantage over the adversary, revealing their every move and ruining their attempts to stay hidden.
Our latest MIR release (v 2.2) offers new capabilities that help enterprise SOC and CIRT teams accelerate their response to new incidents so they can investigate attacks more efficiently - including identifying what targeted attackers did on their systems and how they attempted to cover their tracks.
Accelerate Incident Response
Initiating your response to a security event as soon as it's detected can make the difference between successful containment and a full-fledged breach. This latest release of MIR offers you:
- The ability to integrate with HP ArcSight® or any CEF-compatible security information and event management (SIEM) or log management solution.
- Configure MIR to automatically search for IOC (Indicators of Compromise) hits and report them back to HP ArcSight.
- Initiate MIR to perform immediate live response data collection using SIEM correlation rules.
- Empower anyone on your team to gather data without leaving their SIEM console.
- Track MIR acquisition status within ArcSight.
Watch the video below to see how MIR and your SIEM can work together.
Make It Tougher for Attackers to Cover Their Tracks
Attackers are getting increasingly diligent about cleaning up after themselves; however, our new disk analysis capability makes it much harder for them to succeed. The new NTFS INDX buffer parsing tool enables investigators to identify evidence of deleted and overwritten files by analyzing deleted directory entries.
Spend Less Time Administering MIR
Reduce the time you work on day-to-day maintenance activities and spend more of your time on actual investigations with MIR's streamlined processes and enhanced UI.
Interested in learning more? Contact us today for more information and a demonstration. Also,make sure to join us for the next Tools of Engagement webinar on August 1st, where we'll explore tips for optimizing your incident response workflow. You can register for the webinar here.
Lastly, be sure to stop by our booth (#337) at Black Hat Las Vegas the week of July 23rd. We'll have plenty of Mandiant experts available to help answer your questions.