Concealment
Stop attackers early in their process by hiding critical data, credentials, Active Directory objects, storage locations, and accounts.
Overview
Endpoint compromises are happening at a relentless pace, leading to significant ransomware demands and business disruption. Organizations must stop post-compromise attack activity quickly, which requires reliable prevention and detection of attacker in-network lateral movement and privilege escalation activities.
Derailing lateral movement centers on preventing cybercriminals from seeing and accessing network or local data and account information that can lead to theft or destruction. The Attivo Networks endpoint-based concealment function prevents attackers from finding and accessing critical data and exploiting local and AD accounts, data, and storage locations. Credential and Active Directory object concealment also serve to restrict credential theft and misuse, while binding credentials to applications prevents unauthorized access. By denying attackers the ability to see or exploit critical data, organizations can efficiently disrupt discovery and lateral movement activities, and drastically reduce the risk of a successful ransomware or other destructive attack.
WHY USE CONCEALMENT TECHNOLOGY
Attackers can’t access, alter, or destroy objects they can’t see. Attivo Networks protects critical data and storage by hiding:
HOW CONCEALMENT WORKS
Concealment technology prevents attackers from seeing or gaining access to information, files, and storage they could use to progress their attack with discovery, lateral movement, and privilege escalation activities. As attackers attempt to discover or access these objects, the platform raises an alert containing the details of their activities down to the process and command line level.
Benefits
Hide and Deny Access to Credentials and Local, Network, or Cloud Storage
- Prevent ransomware from discovering or encrypting data by hiding and denying access to storage and credentials
- Hide Local or Active Directory privileged accounts so attackers can’t use them to escalate privileges
- Hide credentials and mapped network shares to prevent attackers from gaining unauthorized access and moving laterally through the network
“54% OF THE TECHNIQUES AND TACTICS USED TO EXECUTE TESTING OF LATERAL MOVEMENT WERE MISSED.”
— 2020 MANDIANT SECURITY EFFECTIVENESS REPORT​
Attivo Networks Concealment Coverage Overview
HIDE CRITICAL AREAS OF YOUR NETWORK
Local Files
Local Folders
Network Shares
Cloud Shares
Removable Drives