Today, I am pleased to announce the release of Mandiant's newest Strategic Solutions offering: Response Readiness Assessment. In this post, I'll explain what the service provides, why our customer's requested such a service, and who can benefit from the Response Readiness Assessment offering.Read more...
Archive for 'October 2012'
October 31, 2012 6:36 PM By Helena Brito
Three years ago when we set out to create a conference that would bring together the greatest minds in the information security industry, we could not imagine the overwhelmingly positive response and growth MIRcon™ would receive year after year. Our goal for MIRcon is simple: to inform innovators and executives who are on the front lines daily, battling cyber attackers. MIRcon 2012 was no exception as we heard from industry leaders across the public and private sector present to consistently packed audiences.Read more...
October 1, 2012 6:35 PM By Carlos Carrillo
October 9, 2012 8:45 PM By Kevin Albano
Part one of our three-part series on victim notifications introduced the concept of victim notifications and the basics of preparing for a notification. The second post of the series provided details on how companies can prepare for, validate, and respond to victim notifications. This post concludes the three-part series with a brief discussion around issues that organizations that provide victim notifications face and recommendations for how they can provide notifications in a practical and effective manner.Read more...
October 4, 2012 6:25 PM By Helena Brito
October 16, 2012 5:34 PM By Jeff Hamm
October 10, 2012 6:55 PM By William Ballenthin
October 18, 2012 3:58 PM By Richard Bejtlich
Digital security professionals usually associate "security awareness" with initiatives to educate employees. The idea is that if the security staff can teach employees to be wary online, they will be less likely to fall prey to various forms of cyber-attack. I agree with this philosophy, and I find it difficult to believe that anyone would argue against training employees. However, security staff should do some level of cost-benefit analysis to ensure that the resources expended on training do not exceed the benefits!Read more...
October 24, 2012 4:12 PM By Will Gibb
In this blog post, I am going to show you some ways to review data that have been collected with the Mandiant Redline™ tool, without using the Redline interface. I will be using Mandiant's AuditParser™ tool in order to transform the Redline audit XML into tab separated data. This will let you take data and view it in different ways, as well as perform timeline analysis on data you have collected. I will focus on using data collected by a Redline Portable collector, which was configured to perform a Comprehensive Collection. The AuditParser tool will also work with audit data that have been collected with the MIR Agent, or with IOCFinder™.Read more...
October 2, 2012 1:15 AM By Darien Kindlund
October 3, 2012 9:33 AM By Abhishek Singh, Michael Vincent
October 8, 2012 11:58 AM By J. Gomez
October 23, 2012 6:28 AM By Alex Lanstein
October 25, 2012 5:40 AM By Abhishek Singh