One of my customers (large mobile service provider) just decided to deploy Mandiant agents on every single server in the company.
From what I can ascertain, Mandiant specialises in specialised incident reporting according to:
It works in conjunction with the xagt process/service on servers (according to some local techs) which might mean that Mandiant agents are somehow involved with monitoring cyber security attacks too (FireEye Endpoint Security). The following articles cover this:
Have you seen Mandiant agents running in a customer's environment and if so, should I be worried about resource contention or negative impacts on Dynatrace solutions/agents?