Incident Response

What is Active Defense?

An active defense is the use of offensive actions to outmaneuver an adversary and make an attack more difficult and to carry out. Slowing down or derailing the attacker so they cannot advance or complete their attack increases the probability that the attacker will make a mistake and expose their presence or reveal their attack vector.

Attivo Networks Logo

Attivo Networks® Expands Senior Leadership Team, Announces Steve Troyer as New Vice President of Business Development

Attivo Networks today named Steve Troyer as the company’s vice president of business development. As a proven business development leader and technologist with more than 25 years in enterprise security, networking, and software, Troyer will continue to build out the company’s integration partner network in order to improve customers’ ability to quickly respond to and remediate threats.

Attivo Networks Logo

Attivo Networks Launches Counterintelligence; Bolsters Current Threat and Adversary Intelligence Functionality for Offense-driven Countermeasures

Attivo Networks® today introduced enhancements to its ThreatDefend deception and response platform, which is designed to deceive and reveal attackers that have bypassed perimeter security. The latest version of the ThreatDefend platform augments its current Threat and Adversary Intelligence gathering by adding Counterintelligence that identifies the types of data the attacker is attempting to steal and, through geolocation services, where the documents are being accessed. This information provides powerful insight that can be used to better understand the adversary and strengthen a company’s overall defenses.

Attivo Networks Logo

Attivo Networks® Expands Leadership Team, Names New CTO

Former FireEye CTO Tony Cole Sees the Lure of Deception Technology

Attivo Networks® today announced the appointment of Tony Cole as the company’s new Chief Technology Officer. A globally recognized cybersecurity expert, advisor and strategist, Cole joins to evangelize deception technology as global market demand increases for the company’s ThreatDefend early detection and active response solutions…

Attivo Networks® Receives Validation for Attivo BOTsink® Deception-Based Threat Detection through BD Product Security Partnership Program

“We welcome Attivo Networks to the BD Product Security Partnership Program as an important collaborator in our collective quest to improve cybersecurity across the health care industry,” said Rob Suarez, director of Product Security for BD. “The Attivo BOTsink solution was rigorously tested and validated by BD to tailor their protection technologies to work with our medical technologies, rather than being introduced as an afterthought.”

Attivo Networks® Wins Cybersecurity Excellence Awards in Three Categories

“It is an honor to win the popular vote and receive community validation for three Cybersecurity Excellence Awards. We appreciate the recognition of our deception technology innovation and impact to information security defense,” said Attivo Networks CEO, Tushar Kothari. “Attivo Networks is continuously committed to delivering our customers with the latest in technology required to build an active defense for today’s ever-changing threat landscape. This commitment has fueled our tremendous growth and we are excited to build upon this momentum in 2018.”

CSO logo

Security software reviews: How cutting-edge products fare against the latest threats

We go hands-on with some of the most innovative, useful and, arguably, best security tools from today’s most important cybersecurity technology categories.

Attivo addresses the one main weakness of most deception technology, having to rely on other programs to respond to an attack once revealed by the deception network. The Attivo platform offers quick response capabilities and the ability to interact with third-party programs for additional backup, configured using an intuitive drag and drop interface that requires very little training. After that, things like internal sandboxing and phishing e-mail protection are just icing on the cake of an already very impressive product.

Why Deception Technology Will Change The Game In Our Favor Against Cybercrime And Breaches

Then, I heard about Attivo and as one of the four CDM judges on our Infosec Awards from 2017, with them being one of our winners, receiving an overwhelming positive vote from the judges, I wanted to dig into what they are up to a little further and look at them within the purview of the Time-based Security model – could a solution like the Attivo ThreatDefendTM Deception and Response Platform actually deliver a way to slow down the breaches, because, frankly, we’re not yet going fast enough to stop them?

McAfee

Attivo Networks® Achieves Integration with McAfee® ePolicy Orchestrator® Platform through McAfee Security Innovation Alliance™

Attivo Networks® today announced Attivo ThreatDefend™ now integrates with the McAfee ePolicy Orchestrator® (McAfee ePO™) platform to provide a comprehensive solution for advanced threat management and response. This technology integration combines the Attivo ThreatDefend Platform with the McAfee ePO console for increased detection of in-network threats and detailed attack forensics and accelerated incident response. Additionally, the company has joined the McAfee Security Innovation Alliance™ (SIA) partner program. Under the SIA program, the companies will work together to integrate ThreatDefend technology with McAfee Advanced Threat Defense, providing customers an adaptive defense solution to combat modern day advanced threats.

Attivo Networks rolls in incident response and controls into their deception

Black Hat USA 2017 – Las Vegas, NV.
Another company that we have the chance to sit down with was Attivo Networks. Attivo, if you are not familiar with them specialize in network deception through the use of projected systems. These are systems that do not really exist in the network but that occupy space and would appear real to someone looking at the network from behind the scenes. They use different methods to make these systems appear to be real including mapped drives (that are invisible to an actual user). This way when a system on the network is compromised an attacker might be fooled into interacting with a deception system and give themselves away.

Scroll to Top