Attivo Networks announces endpoint capabilities that catch attackers at ‘Hello’

Attivo Networks, an award-winning leader in cyber deception and attacker lateral movement threat detection, has introduced new capabilities to its Endpoint Detection Net (EDN) solution that prevent attackers from fingerprinting an endpoint to identify security weaknesses and from conducting reconnaissance.

…

Attackers use fingerprinting to identify targets, decide which vulnerabilities to exploit and determine how to successfully interact with them. Unlike traditional security solutions, these new capabilities proactively redirect suspicious endpoint inbound or outbound traffic to decoys for attacker engagement.

The new EDN Deflect functionality provides alerts to unauthorized host and service scanning, which is critical because other security controls typically do not generate an alert for these types of activities. Attempts by attackers to fingerprint an endpoint are regularly missed due to the complexity of tracking, analyzing and alerting on all of an endpoint’s communications traffic. These new deflection capabilities efficiently and accurately detect network and application fingerprinting as well as lateral movement, closing one more attack vector that threat actors are increasingly leveraging.

Read the complete article at Intelligent CISO.