CLOAKING - Attivo Networks

CLOAKING

Stop attackers early in their process by hiding critical data, credentials, Active Directory objects, storage locations, and accounts.

Overview

Endpoint compromises are happening at a relentless pace, leading to significant ransomware demands and business disruption. Organizations must stop stage 2 post compromise attack activity quickly, which requires reliable prevention and detection of attacker in-network lateral movement and privilege escalation activities.

Derailing lateral movement centers on preventing cybercriminals from seeing and accessing local file and account information that can lead to data theft or destruction. The Attivo Networks endpoint-based DataCloak function prevents attackers from finding and accessing critical data and exploiting local files, accounts, and storage locations. Credential and Active Directory object cloaking also serve to restrict credential theft and misuse, while binding credentials to applications prevents unauthorized access. By denying attackers the ability to see or exploit critical data, organizations can efficiently disrupt discovery and lateral movement activities, and drastically reduce the risk of a successful ransomware or other destructive attack.

“54% OF THE TECHNIQUES AND TACTICS USED TO EXECUTE TESTING OF LATERAL MOVEMENT WERE MISSED.”

2020 MANDIANT SECURITY EFFECTIVENESS REPORT​

Awards

Benefits

Hide and Deny Access to Local, Network, and Cloud Storage

Icon_Ransomware-Protection_white-e1631293791791

Ransomware Protection

  • Hide and deny access to ransomware to prevent discovery or encryption of local, network, or cloud-stored data
Icon_Deny-Privilege-Escalation-e1631293872462

Deny Privilege Escalation

  • Hide Local Administrator accounts so attackers can’t use them to escalate privileges
Icon_Prevent-Lateral-Movement_white_1-e1631293919537

Prevent Lateral Movement

  • Hide credentials to prevent attackers from gaining unauthorized access and moving laterally through the network

Attivo Networks Solution Overview

Cloaking-Prevent-Cybercriminals-diagram

HIDE CRITICAL AREAS OF YOUR NETWORK

Insider Threat Supplier/Local Files

Local Files

Local Folder Single

Local Folders

Network Shares

Network Shares

Mitigate Risk

Cloud Shares

Removable Drives

Removable Drives

Local Admin Accounts

Local Admin Accounts

Application Credentials

Application Credentials

Resources

Solution Brief
DERAILING RANSOMWARE AND RELATED MALWARE ATTACKS
td-platform-vid
ENDPOINT DETECTION NET DATASHEET
Solution Brief
THREATDEFEND OVERVIEW

Content

Attivo Networks’ Effective Approach to Fight Ransomware
Hide and Deny Access to Ransomware Attackers
Solution Brief: Ransomware Mitigation
Using Data Concealment to Derail Attackers

Ready to find out what’s lurking in your network?

Scroll to Top