An overview of the Attivo Networks solution
ThreatDefend™ platform overview
The Attivo Networks ThreatDefend™ solution is a deception-based platform that provides early and accurate detection of in-network threats and automation to accelerate attack analysis and incident response. The platform is based on decoys, lures, application, and data deceptions that misdirect, deter, and derail threats at initial compromise or that are moving laterally within the network.
The platform covers everything from legacy infrastructure to modern cloud architectures, and is simple to deploy from user networks, data centers, clouds, ROBOs, or in specialized environments based on machine self-learning deception preparation, deployment, and operations. The solution stands apart from other deception platforms in its approach to deception authenticity and in its inclusion of automated attack analysis and extensive native integrations for incident response.
The platform base involves BOTsink® Engagement Servers, which support the central management of the deceptive deployment. These servers can be implemented as a physical, virtualized, or cloud instance. The primary BOTsink management functions include handling of alerts, coordination of analysis, and support for forensics, reporting, visibility tools, and integration of deception with enterprise security control systems.
The ThreatDefend Detection and Response platform includes BOTsink network deception; ThreatStrike® endpoint deception; ThreatDirect® distributed environment support for remote office and branch offices (ROBO) and microsegmented networks, and workloads in the cloud; ThreatOps™ incident response playbook orchestration; and ThreatPath™ for attack surface reduction by providing visibility into exposed attack paths that could be leveraged by malicious actors to advance an attack (see Figure 1).
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise