Attivo Networks® Achieves Integration with McAfee® ePolicy Orchestrator® Platform through McAfee Security Innovation Alliance™ - Attivo Networks
Attivo Networks Blogs

Attivo Networks® Achieves Integration with McAfee® ePolicy Orchestrator® Platform through McAfee Security Innovation Alliance™


Attivo ThreatDefend™ Deception and Response Platform and ePolicy Orchestrator Combined Solutions Seek to Deliver Advanced Threat Management and Response

BLACK HAT LAS VEGAS, Nev., July 26, 2017 – Attivo Networks®, the award-winning leader in deception technology for cyber security defense, today announced Attivo ThreatDefend™ now integrates with the McAfee ePolicy Orchestrator® (McAfee ePO™) platform to provide a comprehensive solution for advanced threat management and response. This technology integration combines the Attivo ThreatDefend Platform with the McAfee ePO console for increased detection of in-network threats and detailed attack forensics and accelerated incident response. Additionally, the company has joined the McAfee Security Innovation Alliance™ (SIA) partner program. Under the SIA program, the companies will work together to integrate ThreatDefend technology with McAfee Advanced Threat Defense, providing customers an adaptive defense solution to combat modern day advanced threats.

“Providing our mutual customers with better data protection and an improved threat defense lifecycle are the top priorities for the McAfee Security Innovation Alliance,” said D.J. Long, head of the McAfee Security Innovation Alliance. “Partnering with Attivo to combine the strengths of both companies is key to being able to deliver on those goals, and minimize the toll of the advanced threats targeting business, government and consumer data.”

The Attivo Networks ThreatDefend Platform creates an in-network deception environment designed to outmaneuver modern-day attackers and deceive them into revealing their presence. Changing the balance of power the platform makes the entire network a trap and creates a setting where what is real and what is not becomes unclear to the attacker. One wrong move and the attacker’s presence is exposed. High-interaction network and end-point deception lures and decoys reduce time to detection, while automated attack analysis, high-fidelity alerts, third-party integrations, and playbooks accelerate incident response. Visibility tools provide attack path vulnerability assessments and time-lapsed replays, empowering teams with insight into attacker lateral movement and security gaps. With the ThreatDefend solution, customers can conveniently start with base detection capabilities and expand platform usage based upon their business requirements.

Attivo ThreatDefend technology integration with McAfee ePO ensures a frictionless deployment of the Attivo ThreatStrike™ suite across multiple endpoints simultaneously. When attackers attempt to harvest deceptive credentials, extract information or attempt to encrypt mapped drives, they are directed to the Attivo BOTsink engagement server’s automated threat analysis (ATA) engine, which identifies the infected system, captures the Tools, Techniques, Procedures (TTP), and relays an engagement-based alert to the McAfee ePO, arming security teams with critical information to promptly quarantine infected systems and mitigate ongoing risks.

The compatibility certification also includes Attivo ThreatDefend platform integration with McAfee Enterprise Security Manager where the combined solution enhances the value to an organization’s threat management infrastructure through streamlined information sharing and response automation. This joint solution provides visibility and control over security events by helping cut through the noise of billions of logged events, in turn empowering prioritization of critical incidents and early response and remediation to high-fidelity alerts leading to a reduction in the organization’s risk of breaches and data loss.

“Together, these solutions empower customers to continuously monitor their network health, gauge anomalies in real-time, and automate incident response,” said Attivo Networks CEO, Tushar Kothari. “This certification serves as validation, that the solution has passed rigorous compatibility testing and is ready for enterprise grade deployment. We are also excited to be a part of the McAfee Security Innovation Alliance program, where we can work together to help customers build an adaptive security defense against advanced threats.”

As part of the commitment by Attivo Networks and McAfee to provide advanced security solutions to protect against cyber threats, the unified solution is designed to both expand centralized visibility and management of attacks and drive continuous improvements that help detect new threats faster and enable automated workflows to rapidly correct them.

About Attivo Networks

Attivo Networks® is the leader in deception technology for real-time detection, analysis, and accelerated response to advanced, credential, insider, and ransomware cyber-attacks. The Attivo ThreatDefend™ Deception and Response Platform accurately detects advanced in-network threats and provides scalable continuous threat management for user networks, data centers, cloud, IoT, ICS-SCADA, and POS environments. Attivo Camouflage dynamic deception techniques and decoys set high-interaction traps to efficiently lure attackers into revealing themselves. Advanced attack analysis and lateral movement tracking are auto-correlated for evidence-based alerts, forensic reporting, and automatic blocking and quarantine of attacks. For more information visit

Follow Attivo Networks: Twitter and LinkedIn

Attivo Networks and BOTsink are registered trademarks of Attivo Networks in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

No computer system can be absolutely secure. McAfee and the McAfee logo, ePolicy Orchestrator, and McAfee ePO are trademarks of McAfee, LLC in the United States and other countries

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Ready to find out what’s lurking in your network?

Scroll to Top