Deception Technology for Early and Accurate Threat Detection

Prevent attackers from accessing information from Active Directory

Free Trial Guide

Start your free trial of the award-winning ADSecure solution, ideal for organizations using Active Directory to authenticate and authorize users and computers in Windows domain networks.

Free Trial Offering

ADSecure prevents attackers from accessing information from Active Directory by efficiently concealing the real objects and returning fake information when an attacker queries AD to access critical assets in the network. Sign up and Attivo will send you a lightweight Virtual Machine to install, connect, and configure and start deploying the ADSecure service to endpoints that day!

ADSECURE FOR ACTIVE DIRECTORY PROTECTION

ADSECURE FUNCTIONS AND BENEFITS

EARLY AND ACCURATE ALERTING

Detect and alert on unauthorized Active Directory queries

EFFECTIVE CONCEALMENT

Hide sensitive or critical Active Directory objects in query results

ATTACKER MISDIRECTION

Lead attackers to decoys with deceptive query results

NO INTERFERRENCE

Requires no modifications to production Active Directory controllers

ADSECURE CASE STUDY- SEMI ANNUAL RED TEAM EXERCISE

ADSECURE CASE STUDY
SEMI ANNUAL RED TEAM EXERCISE

COMPANY INFORMATION

  • Publicly traded Real Estate Company
  • Mature Security Posture
  • Deployed Attivo BOTsink and EDN Suite
  • Endpoint – FireEye HX and MSFT Defender

RED TEAM EXERCISE GOAL

  • Simulate real attacker/s to find gaps and test employees
  • Domain Admin access
  • Company confidential data at high risk
  • Ransomware detection and recovery

SCOPE – 12 WEEK ENGAGMENT

  • No limitations
  • 4-5 attackers using all types of techniques and tactics, executing at multiple phases of the attack cycle
  • Started from outside the perimeter
  • Only rules: Don’t destroy, offend, or deface

DETECTION EXAMPLES

Derail lateral movement by preventing attackers from stealing production AD data.

SAMPLE DETECTIONS Gain visibility into AD queries and the processes that spawn them
SAMPLE DETECTIONS Gain visibility into AD queries and the processes that spawn them

Frequently Asked Questions

  • Access to install the EDN manager VM on an ESXi host through an OVF template (host v5.5, 6.0, or 6.5, managed through a vCenter Server v5.5, 6.0, or 6.5)
  • 4-core CPU
  • 32GB memory
  • 150GB disk space
  • Approximately one hour.
  • 90 days from activation.
  • Please contact an Attivo Networks Sales Representative for access to any other trials or to arrange a POC.
  • Yes. Please contact an Attivo Networks Sales Representative to discuss sizing and other requirements.
phone-icon

NEED HELP?

If you have any questions, reach out and we will be in touch soon.

Scroll to Top