Endpoints as Bait for Attackers
Attivo Networks has expanded the functionality of its ThreatDefend detection platform. These aim to anticipate an attacker’s behavior when it compromises a corporate network from an infected endpoint. ThreatDefend lures the attacker into an ambush if he moves in the network. The goal is to shorten the dwell time, i.e. the time span in which an attacker can move undetected in the company network.
The “Endpoint Detection Net” module is intended to supplement companies with EPP and EDR (Endpoint Protection, Endpoint Detection and Response) solutions by closing gaps in detection and facilitating the automatic response to incidents. Endpoint Detection Net, according to Attivo, turns every endpoint into a bait that is supposed to disrupt an attacker’s plans to break out and penetrate further into the network. No own agents are required for this at the endpoint. For this purpose, Attivo uses historical attack data as well as the Miter Att @ ck framework to identify the methods that attackers use to move around the network from an endpoint.
The ability to protect endpoints and prevent the spread of infected systems is critical for companies of all sizes. Investigations have shown that attackers leave an initially infected system after 4.5 hours on average to move on. In addition, research results show that the average length of stay in the network increased from 85 to 95 days in 2019. This illustrates the importance of securing endpoints and preventing attackers from gaining a foothold in the network.
Read the full article here.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise