The Attivo Networks ThreatDefend solution is a deception-based platform that provides early and accurate detection of in-network threats and automation to accelerate attack analysis and incident response. The platform is based on decoys, lures, and application and data deceptions that misdirect, deter, and derail threats at initial compromise or while they are moving laterally within the network. The platform covers everything from legacy infrastructure to modern cloud architectures, and is simple to deploy in user networks, data centers, clouds, ROBOs, or specialized environments, based on machine self-learning deception preparation, deployment, and operations. The solution stands apart from other deception platforms in its approach to deception authenticity and in its inclusion of automated attack analysis and extensive native integrations for incident response.
By: Edward Amoroso
Years ago, I became aware of a cable TV company whose customers were ripping off pay-per-view content. One root cause involved teenagers replacing their set-top box CPU with a test version of the chip purchased from an on-line TTL dealer. Because the test CPU descrambled everything, these clever teens no longer had to squint to make sense of those scrambled images on the Spice Channel.
Attivo Networks announced its designation as a Distinguished Vendor in this year’s 2018 TAG Cyber Security Annual for the second year running. The Annual is a practical handbook and reference guide, designed for the working cyber security professional, created from expert advisory research based on discussions, interviews, website material, and other information. The Distinguished Vendor recognition is an exclusive acknowledgement of companies that demonstrate unique innovation in addressing modern cyber security threats.
By Dr. Edward G. Amoroso, Former SVP and CSO of AT&T; Current CEO of TAG Cyber, LLC.
Imagine this: You are an evil cyber intruder, part of a criminal group targeting enterprise businesses for customer medical and financial records. Your goal is to quietly steal without getting caught. During surveillance, you notice that your victim’s system administrators have made bad decisions, leaving unnecessary ports open, and advertising to the Internet many unnecessary services – some apparently by default. You exploit these weaknesses to initiate a northbound break-in. This is followed by simple lateral traversal inside the firewall, also exploiting bad administrative decisions such as weak access settings on SharePoint sites. And finally, after you’ve found the sensitive files you wanted, you easily exfiltrate the data through wide-open outbound Internet access. The offense wins this battle.