Attivo Networks and Carbon Black Partner to Deliver Advanced, Continuous Threat Management and Response
FREMONT, CA – August 16, 2016 – Attivo Networks®, the award-winning leader in deception for cyber security threat detection, today announced that it has teamed up with Carbon Black, the leader in next-generation endpoint security, to provide an integrated solution for advanced continuous threat management and response.
The integrated solution combines the Attivo ThreatMatrix™ Deception and Response Platform with Carbon Black Response for early detection of in-network threats, automated response actions based on deception server engagement, and the ability to query Cb Response for additional forensic artifacts on other infected systems. The integrated solution provides organizations an advanced level of visibility and improves overall threat management operations by simplifying information sharing and automating incident response actions.
Full attack techniques, tactics, and processes (TTP) and identification of infected endpoint information is automatically shared with Cb Response so that infected endpoints can automatically be isolated from the network without causing additional infection or harm. As part of the commitment by Attivo Networks and Carbon Black to provide continuous threat management and visibility, the solution is designed to not only isolate and block attacks, but also enable Carbon Black to upload binaries to the ThreatMatrix deception platform for additional attack analysis, correlation, and reporting.
The ThreatMatix Platform will also be enabled to query Carbon Black servers for forensic artifacts including registry key modifications, SHA1 and MD5 hashes, which will strengthen overall attack prevention by looking for other infected systems within the network.
Attivo Networks has been repeatedly recognized for its industry leading ThreatMatrix Deception and Response Platform, which was recently enhanced. The platform takes an innovative approach to real-time in-network threat detection, attack analysis, and automation of incident response actions. The solution is designed to provide early detection of cyberattacks from all threat vectors including zero-day, stolen credential, ransomware and phishing attacks that are renowned for bypassing traditional prevention systems. The ThreatMatrix platform supports a wide variety of prevention system and SIEM integrations for information sharing, automation of manual attack correlation, and accelerating the quarantine and blocking of attackers.
Cb Response is the market-leading incident response and threat hunting solution. Only Cb Response continuously records and centralizes all endpoint activity, giving Incident Responders, SOC analysts, and MSSPs the complete, real-time information they need to understand exactly how attackers are targeting their organization so they can identify root cause, hunt anomalous behavior, and isolate threats. With Cb Response, you can streamline alert validation, accelerate investigations, reduce dwell time, eliminate unnecessary reimaging, and limit IT involvement in the security lifecycle process.
“The Attivo Networks ThreatMatrix deception platform combined with Carbon Black creates a powerful solution for organizations wanting to simplify threat management operations,” said Attivo Networks CEO, Tushar Kothari. “The integration was driven by interest from our mutual customers. The architectural synergies of the two companies’ platforms allows for a seamless integration of the solution.”
“As customer demand for better detection of advanced threats increases, the need to quickly and easily tie that information back to the source of an infection, the endpoint, is critical,” said Tom Barsi, senior vice present of business development at Carbon Black. “Together, Attivo and Carbon Black are solving this problem for joint customers by tying the Attivo leading, early threat detection with Cb Response’s unrivaled visibility and incident response capabilities.”
About Attivo Networks
Attivo Networks® is an award-winning leader in deception technology for real-time detection, analysis, and acceleration of incident response to cyber-attacks. The Attivo Threat Matrix™ Deception and Response Platform provides early detection of advanced, stolen credential, ransomware, and phishing attacks that are inside user networks, data centers, clouds, IoT and ICS-SCADA environments. By deceiving attackers into revealing themselves, comprehensive attack analysis is efficiently gathered, actionable alerts raised, and response actions automated with prevention system integrations. As part of the continuous threat management platform, ThreatPath™ provides vulnerability assessment of attack paths for proactive incident prevention. For more information, visit www.attivonetworks.com
About Carbon Black
Carbon Black has designed the most complete next-gen endpoint-security platform, enabling organizations to stop the most attacks, see every threat, close security gaps, and evolve their defenses. The Cb Endpoint Security Platform helps organizations of all sizes replace legacy antivirus technology, lock down systems, and arm incident response teams with advanced tools to proactively hunt down threats. Today, Carbon Black has approximately 2,000 worldwide customers, including 25 of the Fortune 100 and more than 600 employees. Carbon Black was voted Best Endpoint Protection by security professionals in the SANS Institute’s Best of 2015 Awards.
415-963-4082 ext. 101
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise