Attivo Networks Blogs

Attivo Networks and Blue Coat Improve Incident Response Time with Automated Information Sharing

Partnership Enables Customers to Promptly Block Attacks and Quarantine Infected Devices

FREMONT, Calif., April 12, 2016— Attivo Networks®, the award-winning leader in deception for cyber security threat detection, today announced a partnership and technology integration with Blue Coat Systems, Inc. a market leader in enterprise security. The combined solution will provide real-time detection of cyber-attacks and automatically pass the attack information captured by the Attivo BOTsink® deception platform to the Blue Coat ProxySG for automated blocking and quarantining of an infected end-point or device, reducing incident response time and improving customers’ ability to combat cyber-attacks.

The BOTsink platform is designed to provide inside-the-network threat detection and to create key forensics for the:

  • Identification and detection of all threat vectors – reconnaissance, stolen credential, phishing, and ransomware and multi-stage exploit kits
  • Gathering of instructions sent from a command and control (C&C) server as part of initial callback mechanism: Allowing the opening of a proxy and for man-in-the-middle (MITM) for SSL encrypted sessions forensics
  • Generation of attacker signatures which can be uploaded to block connection attempts based on intent

The Blue Coat ProxySG is an industry-leading secure web gateway, delivered on-premise or in the cloud, that delivers world-class protection and bandwidth management capabilities to secure and optimize use of the web. The unparalleled feature set includes user authentication, web filtering, data loss prevention, encrypted traffic visibility, content caching, stream-splitting and more.

The joint solution seamlessly integrates attack forensics gathered by the Attivo BOTsink engagement server with the Blue Coat ProxySG to automatically prevent compromised endpoints from exfiltrating data or communicating with the attacker’s command and control center. This level of high-quality forensics improves customers’ incident response and significantly reduces the time to complete remediation.

Tushar Kothari, CEO of Attivo Networks, said, “The largest global companies rely upon Blue Coat technology for advanced enterprise security. This integration extends the value of an organization’s current Blue Coat security infrastructure by automating forensics and improving incident response. Joint customers will also now benefit from a more comprehensive security posture that combines prevention and detection solutions that work seamlessly together to derail cyber attacks.”

“Detecting threats inside a network and improving incident response time is crucial,” said Peter Doggart, vice president, business development, Blue Coat. “By integrating the forensics from the Attivo BOTsink platform, Blue Coat can provide our customers with the most comprehensive prevention, detection, and prompt and effective response and remediation.”


This integration is now available for joint customers using the Attivo BOTSink Deception Platform and the Blue Coat ProxySG.


Attivo BlueCoat solution brief

About Attivo Networks

Attivo Networks® is the leader in dynamic deception technology, which in real-time detects intrusions inside the network, data center, cloud, and SCADA environments before the data is breached. Leveraging high-interaction deception techniques, the Attivo BOTsink® Solution lures BOTs and APTs to reveal themselves, without generating false positives. Designed for efficiency, there are no dependencies on signatures, database lookup or heavy computation to detect and defend against cyber threats. Attivo solutions capture full forensics and provide the threat intelligence to shut down current and protect against future attacks. For more information visit

Follow Attivo Networks: Twitter and Linked In

About Blue Coat Systems

Blue Coat is a leader in advanced enterprise security, protecting 15,000 organizations every day. Through the Blue Coat Security Platform, Blue Coat unites network, security and cloud, providing customers with maximum protection against advanced threats, while minimizing impact on network performance and enabling cloud applications and services. Blue Coat was acquired by Bain Capital in March 2015. For additional information, please visit


Gary Thompson
Clarity Communications

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free


Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial


  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise


Leave a Comment

Your email address will not be published.

nineteen − 14 =

Ready to find out what’s lurking in your network?

Scroll to Top