EDR

Dark Reading

Rethinking Endpoint Security in 2022

By Carolyn Crandall, Chief Security Advocate, Attivo Networks Compromising an endpoint is one of the most common ways for an attacker to access an organization’s network. As more organizations grapple with the challenges of hybrid workplaces and unmanaged devices, security teams need to rethink their approach to endpoint security. Endpoint detection and response (EDR) tools …

Rethinking Endpoint Security in 2022 Read More »

It wire logo

Research finds attackers targeting Active Directory: 50% of businesses experienced an attack with >40% success

GUEST RESEARCH: Attivo Networks, the experts in preventing identity privilege escalation and detecting lateral movement attacks, today announced the availability of a new research report conducted by Enterprise Management Associates (EMA) and commissioned in part by Attivo Networks. The report focuses on Active Directory (AD), the directory-based identity services platform used by 90% of enterprises …

Research finds attackers targeting Active Directory: 50% of businesses experienced an attack with >40% success Read More »

Help Net Security Logo

Obstacles and threats organizations face when protecting AD

Attivo Networks announced the availability of a research report conducted by Enterprise Management Associates (EMA) which focuses on Active Directory (AD), exploring the obstacles and threats organizations face when protecting AD and how they adapt to address these growing concerns. As evidence of the value that attackers place in exploiting Active Directory and the privileges it contains, …

Obstacles and threats organizations face when protecting AD Read More »

Help Net Security Logo

How do I select a remote workforce protection solution for my business?

Comments from Carolyn Crandall, Chief Deception Officer, Attivo Networks When selecting a remote workforce protection solution, CISOs need to consider three key areas: exposed endpoints, security for Active Directory (AD) and preventing malware from spreading. Exposed endpoints: standard anti-virus software and VPNs are no match for advanced signature-less or file-less attack techniques. EDR tools enhance …

How do I select a remote workforce protection solution for my business? Read More »

Results Show Boost in APT Detection Rates with Attivo Endpoint Detection Net (EDN) Suite

Written by: Marc Feghali, Co-founder and VP of Product Management – Detecting more tactics of the MITRE ATT&CK® Matrix for Enterprise and achieving broader coverage is demonstrable when you incorporate the Attivo EDN suite to any EPP/EDR solution. The EDN suite produced an average increase of 42% in the detection rate when assessed with leading endpoint security solutions during a recent MITRE ATT&CK evaluation.

Users of EPP or EDR Solutions Will Also Want to Do This

Written by: Carolyn Crandall, Chief Deception Officer and CMO – Even with the best Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) solutions, a persistent attacker will eventually infiltrate a network. As a safety net to your prevention controls, the newly announced Attivo Endpoint Detection Net (EDN) Suite stands by to prevent the breakout or lateral movement of an attacker from an infected system.

Attivo Networks

Attivo Networks® Ambushes Attackers at the Endpoint

As Dwell Time Continues to Rise, Enhanced ThreatDefend Platform® Capabilities Close Detection Gaps and Opportunities for Lateral Movement. FREMONT, Calif.–(BUSINESS WIRE)–Attivo Networks®, the award-winning leader in deception for cybersecurity threat detection, today announced new capabilities within its ThreatDefend® Detection Platform that aim to anticipate methods an attacker will use to break out from an infected endpoint and ambush their every move. This unique approach to detection specifically focuses on reducing the time an attacker can remain undetected and the amount of effort required for an organization to restore environments to normal operations. This new Endpoint Detection Net offering will also serve as a powerful protection force-multiplier for businesses using Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) solutions by closing detection gaps and facilitating automated incident response.

CISO Mag logo

Lock Down the Endpoint with Cyber Deception

Every device that connects to a network creates a security risk. There are many forms of defenses designed to protect these endpoints including anti-virus, firewalls, HIPS, endpoint detection and response (EDR), and other forms of access control. Most of these solutions require installed agents to manage authorizations and authentication, track device activities, and detect and remove viruses and malware. Despite the efforts applied to endpoint protection and EDR solutions, it is inherently insufficient. Even if you could find every endpoint, manage every agent, and keep every device consistently patched, there are fundamentally too many attack vectors to keep up with.

CISO Mag logo

Four things to know about Deception Technology and EDR

Many will advocate that the cybersecurity battle is fought at the endpoint. Completely secure these devices and the attacker will not be able to advance their attack. This belief has fueled a new interest and focus on moving from endpoint protection (EPP) to endpoint detection and response solutions (EDR) as well as managed detection and response (MDR) solutions. The threat landscape is rapidly changing, and organizations’ defenses need to change with it. The latest generation of sophisticated attackers have proven that they can evade anti-virus solutions and bypass traditional perimeter defenses. Given their ability to routinely compromise networks, it has become more important than ever to layer in a “Defense in Depth” strategy that includes prevention, detection, and response. In many cases, predictive measures are also becoming a factor, increasing the need for collection of threat intelligence, which may have been discarded with prior prevention-only approaches.

Scroll to Top