Best Deception Technology | Attivo Networks ThreatDefend Platform - Attivo Networks
Attivo Networks Blogs

Best Deception Technology | Attivo Networks ThreatDefend Platform

ThreatDefend protects against Active Directory enumeration and ransomware by hiding files, AD objects, folders, mapped network and cloud shares, and removable drives so attackers can’t find the data or access it for encryption.

Attivo ThreatDefend offers value and ROI as an early detection system of attacker reconnaissance, credential harvesting, privilege escalation, and lateral movement, considerably reducing dwell time and disrupting an attacker’s ability to complete their mission. Customers gain immediate value from in-network active observation, threat engagement, and the ability to provide the substantiated detail required to identify infected systems and block and quarantine threats.

Attivo leverages MITRE ATT&CK, which offers an excellent framework for showing coverage against attack techniques and tactics. The platform covers 11 of 12 tactics and 72 techniques, the most of any deception provider. MITRE also has MITRE Shield, which defines a framework for creating an Active Defense. Attivo covers 27 of 33 techniques and 123 of 190 use cases. ThreatDefend for a 1,000-person company starts at around $50,000.

Some other product highlights include protection of Active Directory by hiding AD objects and returning fake data to unauthorized queries, stopping ransomware attacks by data cloaking that hides and denies access, and preventing endpoint fingerprinting by redirecting inbound and outbound connection attempts that touch closed ports to decoys for engagement.

“ThreatDefend alerts are based upon attacker techniques and aren’t reliant on signatures, hashes, or database lookup, like most legacy security products,” the company said in its entry. “Thus, it does not require constant database updates, and generally, there are two major software updates per year. Updates are included as part of the support agreement and easily downloaded through a support portal.”

Read the original article in SC Media.

Share on:

Free Active Directory Assessment

Get Visibility Into Privilege And Service Account Exposure

For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.

Try Our Endpoint Detection Net (EDN) for Free

FAST AND EASY

Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.

Newsletter Signup

    Yes, please opt me in to receive your quarterly newsletter, event invitations, and product updates.

    I understand that I can opt out at any time, and can refer to Attivo Networks Privacy Policy for more information.
  • This field is for validation purposes and should be left unchanged.

ADSecure 90-Day Free Trial

GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY

  • Hide and deny access to AD objects
  • Get alerted on unauthorized queries
  • Attack details easily viewable in dashboard
  • Your data remains on-premise

RSS

Leave a Comment

Your email address will not be published. Required fields are marked *

nineteen + fourteen =

Ready to find out what’s lurking in your network?

Scroll to Top