“We welcome Attivo Networks to the BD Product Security Partnership Program as an important collaborator in our collective quest to improve cybersecurity across the health care industry,” said Rob Suarez, director of Product Security for BD. “The Attivo BOTsink solution was rigorously tested and validated by BD to tailor their protection technologies to work with our medical technologies, rather than being introduced as an afterthought.”
“It is an honor to win the popular vote and receive community validation for three Cybersecurity Excellence Awards. We appreciate the recognition of our deception technology innovation and impact to information security defense,” said Attivo Networks CEO, Tushar Kothari. “Attivo Networks is continuously committed to delivering our customers with the latest in technology required to build an active defense for today’s ever-changing threat landscape. This commitment has fueled our tremendous growth and we are excited to build upon this momentum in 2018.”
We go hands-on with some of the most innovative, useful and, arguably, best security tools from today’s most important cybersecurity technology categories.
Attivo addresses the one main weakness of most deception technology, having to rely on other programs to respond to an attack once revealed by the deception network. The Attivo platform offers quick response capabilities and the ability to interact with third-party programs for additional backup, configured using an intuitive drag and drop interface that requires very little training. After that, things like internal sandboxing and phishing e-mail protection are just icing on the cake of an already very impressive product.
Another key way to restack the deck in favor of organizational victims of cyber breaches is for them to embrace an offensive, as well as defensive stance against threat actors. Among the interesting players in this space is Attivo Networks, a leader in deception solutions for cybersecurity defense. Attivo develops traps and lures – called “honey nets” – to attract an attacker, which can be a human or a bot or an advanced persistent threat. Then it locks up the perpetrator in quarantine within the system and records actions and details for forensic analysis.
Then, I heard about Attivo and as one of the four CDM judges on our Infosec Awards from 2017, with them being one of our winners, receiving an overwhelming positive vote from the judges, I wanted to dig into what they are up to a little further and look at them within the purview of the Time-based Security model – could a solution like the Attivo ThreatDefendTM Deception and Response Platform actually deliver a way to slow down the breaches, because, frankly, we’re not yet going fast enough to stop them?
Attivo Networks® today announced Attivo ThreatDefend™ now integrates with the McAfee ePolicy Orchestrator® (McAfee ePO™) platform to provide a comprehensive solution for advanced threat management and response. This technology integration combines the Attivo ThreatDefend Platform with the McAfee ePO console for increased detection of in-network threats and detailed attack forensics and accelerated incident response. Additionally, the company has joined the McAfee Security Innovation Alliance™ (SIA) partner program. Under the SIA program, the companies will work together to integrate ThreatDefend technology with McAfee Advanced Threat Defense, providing customers an adaptive defense solution to combat modern day advanced threats.
Black Hat USA 2017 – Las Vegas, NV.
Another company that we have the chance to sit down with was Attivo Networks. Attivo, if you are not familiar with them specialize in network deception through the use of projected systems. These are systems that do not really exist in the network but that occupy space and would appear real to someone looking at the network from behind the scenes. They use different methods to make these systems appear to be real including mapped drives (that are invisible to an actual user). This way when a system on the network is compromised an attacker might be fooled into interacting with a deception system and give themselves away.
Attivo Networks® announced today that Network Products Guide, an industry leading technology research and advisory guide, has been named a silver winner in the 2017 IT World Awards® in the Best Deployments in U.S. category for work the company has done for Aflac, the leader in voluntary insurance sales at the worksite in the U.S. The Aflac deception-based security deployment was awarded based on its business value and technology innovation to address modern-day cyber threats.
Why Cyber Security?
The WannaCry virus which crippled over 300,000 computers globally reminded the world how fragile computer systems are. As IT systems are playing a larger role in all of our lives, how to shield the system against malicious attacks is one of the most pressing issues prioritise by many.
According to PWC’s crime survey 2016, incidence of cybercrime increased sharply among their respondents, making it the 2nd among the most reported types of economic crime. Yet, most companies are not adequately prepared for it, only 40% of the companies responded to the survey have personnel that are “fully trained” to act as the first responder and only 37% have fully operational incident response plan.
Organizations continue to state that deploying effective and efficient incident response remains one of their top ongoing challenges. Unfortunately, there isn’t an easy solution since the goal line continues to move back, while the “game” gets increasingly more complex. CSIRTs battle with a combination of more malicious activity data to sift through; limited time, manpower and expertise resources; and of course, the more severe consequences of today’s data breaches. Here are seven key steps that can help simplify and improve the process of detection, incident handling and response.