Attivo Networks Endpoint Detection Net (EDN) Suite

Endpoint Detection Net (EDN) Suite

Prevent attackers from breaking out from an infected system by restricting their ability to move laterally or conduct reconnaissance.

MITRE APT ATT&CK® DIY Assessment Results: Endpoint Detection Rates Improved by an Average of 42%

Why Customers Choose EDN to Strengthen Their Endpoint Security Posture

Enhance Defensive Strategies to Quickly Detect and Deny Lateral Movement

Protecting endpoints and preventing the spread of infected systems is a critical concern for organizations of all sizes. The Attivo Endpoint Detection Net (EDN) product complements existing endpoint security solutions by detecting an attacker early in the attack cycle, preventing them from stealing credentials and establishing a foothold. The EDN product tackles endpoint security challenges head-on by making every endpoint a decoy, designed to disrupt an attacker’s ability to break out and further infiltrate the network.

UPON COMPLETION OF A PROOF OF CONCEPT EXERCISE…

“VERY RARELY DO YOU SEE TECHNOLOGY THAT IS BOTH VERY EASY TO USE AND QUICK TIME TO VALUE – USUALLY IF YOU HAVE ONE YOU DO NOT HAVE THE OTHER. ATTIVO WAS THAT UNICORN TECHNOLOGY WHERE IT WAS VERY EASY TO DEPLOY AND USE. WE WERE RECEIVING VALUE A FEW HOURS INTO THE POC.”

— CISO, FORTUNE 500 FINANCIAL SERVICES FIRM

Awards For Endpoint Detection Net (EDN) Suite

Benefits

The Attivo EDN Suite is tackling endpoint security challenges head-on by making every endpoint a decoy designed to disrupt an attacker’s ability to break out and further infiltrate the network.

Icon_Attacker-target_white

Early Detection

  • Detects known and unknown attacks early in the attack cycle

Attack Disruption

  • Disrupts attacks during observation vs. waiting for an active attack
hand

Agentless

  • Requires no agents on the endpoint nor disrupts regular network operations
Scalability

Scalable

  • Scalability across a wide-variety of endpoints
Threat-Intelligence

Attack Disruption

  • Collects adversary intelligence and forensic data
Application Credentials

Blocks Credential Theft

  • Blocks real credential theft without attacker knowledge
Icon_Target_white

Closes Detection Gaps

  • Serves as a powerful protection force-multiplier for businesses using EPP and EDR solutions by closing detection gaps and facilitating automated incident response
Computer

Pen Testing

  • Improves detection proficiency during Red Team testing and security assessments

Comprehensive Endpoint Attack Vector Coverage

Detect even the mere act of observation

Endpoint Attack

Endpoint Detection Net Portfolio

The Endpoint Detection Net solution is designed to anticipate methods an attacker will use to break out from an infected endpoint and ambush their every move. This unique approach to detection specifically focuses on reducing the time an attacker can remain undetected and the amount of effort required for an organization to restore environments to normal operations.

DATA CLOAKING

DataCloak

Hide & deny access to local files, folders, storage, & network/ cloud shares

THREATSTRIKE

ThreatStrike

Hide, bind & cloak credentials to deny unauthorized access & collect intel

ADSECURE

ADSecure

Alert on unauthorized AD queries and return false information to attackers

Detect and disrupt attacker lateral movement and host discovery activity

Deflect

Detect and disrupt attacker lateral movement and host discovery activity

ADSECURE

ThreatPath

Identify exposed credentials and remove at risk attack paths

ENDPOINTS SUPPORTED

Use Cases

— Prevent privilege escalation.

— Hide and deny access to credentials and use deceptive credentials to breadcrumb attackers into a decoy environment for threat intelligence gathering

— Obfuscate and deny access to production files, folders, removable storage, network drives, and cloud shares

— Obfuscate real assets with decoy systems, ports, and services to disrupt attacker attempts to identify other targets to compromise.

— Quickly detect Man-in-the-Middle activity with decoys on every network segment.

Resources

td-platform-vid
EDN Infographic
Solution Brief
EDN Solution Brief
Solution Brief
EDN Use Cases
td-platform-vid
Boosting MITRE ATT&CK Detection Rates for Endpoint Security

Content

Endpoint Defenses with the Attivo Networks® EDN Solution
451 Research: Is It Really Possible to Lock Down an Endpoint? Yes, but Not How You Might Think.
Users of EPP or EDR Solutions Will Also Want to Do This
Results Show Boost in APT Detection Rates with Attivo Endpoint Detection Net (EDN) Suite

Spotlight

Using a Commercial Deception Solution to Improve MITRE ATT&CK Test Results for Endpoint Security

Ready to find out what’s lurking in your network?

Scroll to Top