New 'Evil Finder' Appliance Thwarts Bank Heist

Mandiant, a consulting and software company that specializes in uncovering data breaches and fraud, last week introduced Intelligent Response, an appliance for incident response and analysis. As they left the stage at last week's Demo conference, Mandiant officials said the device had just been used to "stop a bank robbery."I asked Mandiant about the comment afterwards. Company representatives declined to describe the bank involved or otherwise provide details, but they insisted that the new product had been used a week earlier to thwart financial theft. We'll have to take their word for it.

Mandiant describes the unit as providing rapid evidence discovery. The product consists of three components: agent software that goes on a computer of interest; a controller that gathers and analyzes data provided by the agents; and a console. The red box, which costs upwards of $80,000, is aimed at large companies as one part of a comprehensive security infrastructure.

Intelligent Response is not an intrusion detection/prevention device. It comes into play after those devices detect suspicious activity, collecting and analyzing data and spitting out reports in the process.

Mandiant officials present themselves as crime fighters. "We find evil," they say. Just don't ask about specific examples. Their best customers are their most embarrassed customers.