Security Roundup: Automation and Gamification, Barracuda, Attivo and SecurityFirst
Attivo Beefs Up Deception and Response Platform
Attivo Networks has enhanced its ThreatDefend platform designed to deceive and reveal attackers that have bypassed perimeter security. It has added counterintelligence functionality to help companies identify the specific data attackers are seeking, as well as geolocation services that indicate where the documents are being accessed.
The platform’s new DecoyDocs feature provides the ability to plant deception files that allow the organization to conduct data loss tracking (DLT) on documents that have been exfiltrated. By embedding a tracking call-back function into a document, the solution provides information about what was stolen and where an attacker opened the file, whether inside or outside of the network.
Carolyn Crandall, Attivo’s chief deception officer, tells us the platform provides new opportunities for partners by providing them with an active security defense based on prevention, detection and response capabilities.
“The solution does not replace existing prevention infrastructure, but instead closes the in-network detection gap and provides tools to reduce dwell time, accelerate attack analysis, and reduce incident response time,” she said. “The functionality of counterintelligence is a new conversation that partners can have with customers in order to help them strengthen their overall defenses. Now, in addition to threat and adversary intelligence that can be gathered by deception technology on an attack — counterintelligence can be added to better understand the types of documents being targeted.”
Partners can offer deception-based threat detection as a mechanism for building an active defense for customers across all industries, Crandall said.
“Resellers specializing in IoT, ICS (industrial control system) or POS can now offer early detection for network devices that have been historically difficult to secure,” she said. “Partners selling to legal, technology or entertainment industries can now also promote this counterintelligence solution as a means to understand if their customer is being targeted on a particular case, patent or other IP theft.”
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise