- +
Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients? - +
Process Trip 04/02/2008 13:07:03
Why Maritz Travel revamped key business processes — and how business and IT came together to make it workWhen Rich Phillips became COO OF Maritz Travel about two and-a-half years ago, he sat down and took a hard look at the big industry picture - +
How to Get Real About Strategic Planning 04/02/2008 12:50:59
Everyone agrees that having a strategic plan for IT is a good thing but most CIOs approach the process with fear and loathing. In fact, the majority of CIOs (and the enterprises they work for) are faking it when it comes to strategic planning. Isn't it time we all got real?Oh, it must be nice to be the CIO of a FedEx or a GE or a Credit Suisse. Places where IT and the business are so tightly aligned you can barely tell the two apart. Where corporate leaders understand that IT is a strategic asset and support it as such
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Revolutionising Back-up and Recovery
Why Security SaaS Makes Sense Today
Enterprise Wireless WLAN Security
Solve Exchange Storage Problems Once and For All: A New Approach without Stubs or Links
Dude! You Say I Need an Application-Layer Firewall?!
Did you GET the memo? Getting you from Web 1.0 to Web 2.0 Security
Understanding Email Marketing: A Guide for SMBs
Web Security SaaS: The Next Generation of Web Security
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Mandiant introduced new incident response automation technology that promises to perform the first set of post-breach analysis tests the IT security company would provide via its breach investigation services.
Having already launched several free forensics applications via its Web site, the breach consulting services provider is hoping to cash in on demand for its incident management skills with the new set of electronic evidence discovery (EED) and corporate investigation tools.
Labeled as Mandiant Intelligent Response 1.0 (MIR) and targeted initially at large enterprises in the financial services, health care, and ISP verticals -- company officials contend that large customers are ready to invest in applications that could save them millions on post-breach analysis services.
"We think large and mid-tier enterprises have the capability to use this technology, those that are fortunate enough to have the type of people who can respond, but who might not have standing armies to do so," said Jim Hansen, chief operating officer of Mandiant. "These are difficult skills that we provide, and these tools allow customers to accelerate the response process before someone like us can get there."
Hansen said that combined with his company's services, the incident forensics applications, delivered in an appliance form-factor, also extend the consulting provider's breach investigation capabilities.
The faster that companies can begin the data mining and incident analysis process after a breach, the more likely they are to discover exactly what type of problem has occurred and deduce whether they might be forced to publicly report any data exposures, the expert contends.
The cost of reporting data incidents -- both in terms of issuing immediate breach notifications and responding to any subsequent impact on business, including regulatory fines -- has created a market where enterprises with high-risk information and compliance concerns are ready to invest in software that may give them a leg up in the investigation process, Hansen said.
"This is a way to begin creating an incident response system with a full audit trail at the push of a button. [It's] something that's going to give teams a head start on the electronic data discovery process," said Hansen. "We're still doing a majority of our business answering response calls, but this product can help investigators get started."
The appliance will also arm incident response teams with analysis documentation that can be submitted as part of any legal activity related to a breach or inquiries about the resulting investigation process itself, he said.
The executive maintains that the set of data aggregation, analytics, and reporting tools represents a new breed of electronic forensics automation software. Rather than competing with existing discovery applications, Hansen said that MIR was built to integrate with and aggregate from those systems with which the product may be linked via its open API, Hansen said.
The individual software modules residing on the Intel-based appliance, which runs on Linux, consist of an endpoint forensic agent, a controller that handles data aggregation and analysis duties, and its console, which offers a Web-based interface that can be accessed remotely over the Web.
For now, MIR will only provide analysis of Windows-based systems, but Mandiant said it is already looking to build versions of the appliance that can be dropped into different environments.
At $86,500, not including additional support and services costs, the MIR appliance is clearly aimed at large customers, but Hansen said that Mandiant is considering development of a cheaper, more lightweight device or software package aimed at smaller environments. The company may even create a version of the tools to be delivered via a software-as-a-service model, he said.
Some industry watchers said the Mandiant system may even allow customers to stay ahead of potential incidents, shifting elements of the electronic discovery process from a reactive measure to a preventative exercise.
"Mandiant Intelligent Response can change the negative perception associated with rapid evidence discovery by providing a unique collaborative environment that enables remote identification, collection, analysis, and reporting of electronic evidence," said Charles Kolodgy, analyst at IDC. "By fostering precision collection, organizations can avoid gathering incorrect or incomplete data and wasting critical moments when responding to time-sensitive matters."
Computerworld Member Login
Prioritizing Services with IT Service Management (ITSM)
Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)
To be repeated on:
Thursday 4th, September 2008
11:00am EST (Sydney Australia)
Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.
Attend and discover:
- How to deliver value to your business through ITSM
- Best practice ITSM implementation
- Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
- If service-oriented ITSM is best for your business
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Viva la Verticals! Key to Vendor Growth is Through Vertical Market Opportunities, Says IDC 2008-09-05 11:05:00+10
F-Secure delivers fastest protection in the online world 2008-09-04 16:50:00+10
NETGEAR expands ProSafe team as business-class products take off in SME market 2008-09-04 16:27:00+10
Rogue security apps dominate Fortinet's Aug 2008 IT threat report 2008-09-04 16:00:00+10
Adaptec Intelligent Power Management Reduces Storage Power Consumption Up to 70 Percent 2008-09-04 11:28:00+10
How to Beef Up Your Sales Pipeline
Our economy may be heading towards a recession. Sales rates are dropping. Promotional campaigns are proving less effective than you would like. So how do you continue to grow your business and bring home the sales in such an environment? Download this white paper now to find the answers.
