endpoint protection Blog Terms - Attivo Networks

endpoint protection

CISOTalk Webinar Series

CISOTalk Webinar Series: Closing the Gap Between Endpoint and Identity Protection

There has been tremendous attention given to recent large-scale attacks and why they have been so challenging to avoid, detect, and remediate. When attackers evade the first line of network defense, having secondary controls to fill in the gaps is crucial in detecting adversaries who can break free to infiltrate the network. This session will …


Preventing SCCM Compromise and Deployment of Ransomware

Author: Biju Varghese, Technical Product Manager – Adversaries are adopting creative methods in these COVID-19 epidemic conditions to gain access to company assets. Ransomware is one such creative digital form of extortion that affects companies of all sizes. One prevalent method adversaries use to compromise and deploy ransomware to multiple systems is using a single management server in the organization.

New version of ThreatPath detects and eliminates exposure of credentials at the endpoint

Attivo Networks has expanded its ThreatPath solution, which is part of the modular ThreatDefend Endpoint Detection Net (EDN) product family. … ThreatPath continuously monitors the threat posed by exposed access data and now offers companies additional options for identifying high-risk threats and automatically eliminating them. These include identities with excessive privileges, unprotected application data sources, …


EDN-Deflect

Sending Attackers to the Twilight Zone with Attivo’s EDN Deflect

Written by: Joseph Salazar, Technical Marketing Engineer – *Best read in the style of Rod Serling* Picture if you will, an attacker breaking into a computer system for a retail organization he’s been targeting for a few months. He’s managed to trick a user into clicking on a malicious email with custom malware that evaded detection and now has remote access to the network. He installs some back doors to make sure he can get back in, and then decides to steal some credentials. He finds one that looks promising called “sqladmin” in the credential manager. To make sure it is legitimate, he spins up a command prompt, queries Active Directory for the “sqladmin” login, and confirms that it is authentic. He then looks up the IP address of his beachhead system and pings the next system up from it (because only script kiddies scan the entire network). Just his luck, the IP address responds. Little does he know that he’s about to enter into the Twilight Zone.

nation state attacks

Attivo Endpoint Detection Net to Counter Nation-State Attacks

Written by Tony Cole, Attivo Networks CTO – There is a tremendous amount of history surrounding the world of espionage. Today most people think of movies like the James Bond series, which really ignites the imagination on espionage between nation-states. Even the old sitcom from the ’60s called ‘Get Smart’, mocking the espionage movies, had some spy items in the show that were pretty close to today’s reality. Although we often think most of the Hollywood gimmicks and tools used by 007 or Maxwell Smart are far-fetched, some really weren’t that far off the mark.

Who is behind APT29? What we know about this nation-state cybercrime group

APT29 has been accused of targeting coronavirus vaccine organizations, but this is not the first time the group has attracted global attention … Tony Cole, CTO at Attivo Networks, added: “It’s unfortunate that an actor such as APT29 with such sophisticated capabilities …


Intelligent CISO

Attivo Networks announces endpoint capabilities that catch attackers at ‘Hello’

Attivo Networks, an award-winning leader in cyber deception and attacker lateral movement threat detection, has introduced new capabilities to its Endpoint Detection Net (EDN) solution that prevent attackers from fingerprinting an endpoint to identify security weaknesses and from conducting reconnaissance. … Attackers use fingerprinting to identify targets, decide which vulnerabilities to exploit and determine how …


Game Changing Breach Defense by Dramatically Improving Endpoint Security

It’s 2020 and the breaches just keep coming. Join Attivo Networks CTO, Tony Cole, for a discussion with CDM on how to better protect your endpoints and prevent attackers from moving laterally across your enterprise. Attivo Networks has pioneered a new approach to protecting endpoints with their Endpoint Detection Net (EDN) solution. Designed to serve …


Users of EPP or EDR Solutions Will Also Want to Do This

Written by: Carolyn Crandall, Chief Deception Officer and CMO – Even with the best Endpoint Protection (EPP) and Endpoint Detection and Response (EDR) solutions, a persistent attacker will eventually infiltrate a network. As a safety net to your prevention controls, the newly announced Attivo Endpoint Detection Net (EDN) Suite stands by to prevent the breakout or lateral movement of an attacker from an infected system.

Protecting Data on the New Security Battleground: Endpoints

Attivo Networks, a provider of cybersecurity threat detection solutions, has announced new capabilities within its ThreatDefend Detection Platform that aim to anticipate and address methods an attacker will use to break out from an infected endpoint.
Protecting endpoints and preventing the spread of infected systems is a critical concern for organizations of all sizes, according to research revealing that attackers can move off of an initially compromised system in 4.5 hours, on average. Further, new research shows that the average dwell time—the time it takes to detect attackers operating within an enterprise network—increased an average of 10 days in 2019, from 85 to 95 days, highlighting the escalating requirement to secure endpoints and prevent an adversary from establishing a foothold.
