Protecting Data on the New Security Battleground: Endpoints
Attivo Networks, a provider of cybersecurity threat detection solutions, has announced new capabilities within its ThreatDefend Detection Platform that aim to anticipate and address methods an attacker will use to break out from an infected endpoint.
Protecting endpoints and preventing the spread of infected systems is a critical concern for organizations of all sizes, according to research revealing that attackers can move off an initially compromised system in 4.5 hours, on average. Further, new research shows that the average dwell time—the time it takes to detect attackers operating within an enterprise network—increased by an average of 10 days in 2019, from 85 to 95 days, highlighting the escalating requirement to secure endpoints and prevent an adversary from establishing a foothold.
As a result, CISOs and security managers are increasing their spending and allocating budget for network detection and response tools, staff skills training, and endpoint detection and response solutions.
“Endpoints are the new battleground, and well-orchestrated detection and response capabilities are an organization’s greatest weapon against attackers,” said Srikant Vissamsetti, senior vice president of engineering at Attivo Networks. “The new Endpoint Detection Net offering provides organizations of all sizes an efficient and effective way to derail an attacker’s lateral movement before they can establish a foothold or cause material harm.”
The Attivo Endpoint Detection Net product is tackling endpoint security challenges head-on by making every endpoint a decoy designed to disrupt an attacker’s ability to break out and further infiltrate the network. It does this without requiring agents on the endpoint or causing disruption to regular network operations.
The company says its approach to detection specifically focuses on reducing the time an attacker can remain undetected and the amount of effort required for an organization to restore environments to normal operations. This new Endpoint Detection Net offering will also serve as a powerful protection force-multiplier for businesses using endpoint protection and endpoint detection and remediation solutions by closing detection gaps and facilitating automated incident response.
The Endpoint Detection Net solution elevates security control by accurately raising alerts and taking proactive measures to derail attackers. These capabilities include early attack detection based on:
- Unauthorized Active Directory queries from an endpoint.
- Theft of local credentials.
- Attempts to compromise file servers by moving to mapped shares.
- Network reconnaissance to find production assets and available services.
- Man-in-the-Middle attacks where attackers try to steal credentials in transit.
- Identifying the available attack paths that an attacker would take to move about the network.
For more information, visit www.attivonetworks.com.