Attivo Networks Blogs

An overview of the Attivo Networks solution

ThreatDefend™ platform overview

The Attivo Networks ThreatDefend™ solution is a deception-based platform that provides early and accurate detection of in-network threats, along with automation to accelerate attack analysis and incident response. The platform is based on decoys, lures, and application and data deceptions that misdirect, deter, and derail threats, whether at initial compromise or while moving laterally within the network.

The platform covers everything from legacy infrastructure to modern cloud architectures. It is simple to deploy in user networks, data centers, clouds, ROBOs, or specialized environments, relying on machine self-learning for deception preparation, deployment, and operations. The solution stands apart from other deception platforms in its approach to deception authenticity and in its inclusion of automated attack analysis and extensive native integrations for incident response.

The platform is built on BOTsink® Engagement Servers, which support central management of the deception deployment. These servers can be deployed as physical, virtualized, or cloud instances. The primary BOTsink management functions include handling alerts, coordinating analysis, and supporting forensics, reporting, visibility tools, and the integration of deception with enterprise security control systems.

The ThreatDefend Detection and Response platform includes BOTsink network deception; ThreatStrike® endpoint deception; ThreatDirect® distributed environment support for remote office and branch offices (ROBO), microsegmented networks, and workloads in the cloud; ThreatOps™ incident response playbook orchestration; and ThreatPath™ for attack surface reduction, which provides visibility into exposed attack paths that malicious actors could leverage to advance an attack (see Figure 1).

