Join us for a discussion and live demo where you will see how the Attivo Networks EDN solution presents a unique and fascinating way to disrupt ransomware’s ability to move laterally. You will also see how this solution prevents unauthorized access to data by concealing production files, folders, removable disks, network shares, and cloud storage. …
Written by: Carolyn Crandall, Chief Deception Officer – Over the past five years, the conversation around cyber deception has advanced from the question of what it is to what to use it for. Fundamentally, cyber deception has evolved into a highly regarded threat detection solution for companies of all sizes and security maturity levels. This blog outlines how the capabilities of deception technology have expanded and the various roles it can play within the security stack. This particular article aligns with the steps a responder will take in preparing for and responding to an attack.
Chris Roberts, Chief Security Strategist at Attivo Networks, the award-winning leader in deception for cybersecurity threat detection, will be a featured speaker at All Day DevOps 2019, on November 6, 2019. Now entering its fourth year, the free event will bring together more than 30,000 DevOps professionals worldwide for interactive education and peer-to-peer insights.
The Federal Information Security Modernization Act (FISMA) annual report to Congress for full year 2018 indicates considerable success in improving the cybersecurity of federal agencies. The headline statistics indicate a 12% reduction in the occurrence of cybersecurity incidents from 35,277 in FY 2017 to 31,107 in FY 2018. “However,” adds the report (PDF), “FY 2018 marked the first year since the creation of the major incident designation that no incidents met the threshold.” A ‘major incident’ is defined as any incident that is likely to result in demonstrable harm to the national security interests, foreign relations, or the economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people. It also applies, with the same criteria, to any breach involving the theft or alteration of PII belonging to more than 100,000 people.
Authored by: Carolyn Crandall, Attivo Networks CMO and Chief Deception Officer – I know Sun Tzu quotes are overdone, but this was so fitting, it just made sense to use it. One of Sun Tzu’s most famous pieces of advice was “know thy enemy.” Those three simple words remain as relevant today as they were 2,500 years ago. And while the enemies we face now are different from those faced by the famous philosopher-general, the lesson remains the same: knowledge is power.
The Attivo Networks ThreatDefend solution is a deception-based platform that provides early and accurate detection of in-network threats and automation to accelerate attack analysis and incident response. The platform is based on decoys, lures, application, and data deceptions that misdirect, deter, and derail threats at initial compromise or that are moving laterally within the network. The platform covers everything from legacy infrastructure to modern cloud architectures, and is simple to deploy from user networks, data centers, clouds, ROBOs, or in specialized environments based on machine self-learning deception preparation, deployment, and operations. The solution stands apart from other deception platforms in its approach to deception authenticity and in its inclusion of automated attack analysis and extensive native integrations for incident response.
Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary’s knowledge collection activities or attempts to cause harm through sabotage or other actions. The goal of CI is to ensure information cannot be modified or destroyed by a malicious actor and that only authorized people can access an organization’s information. CI is often associated with intelligence agencies, government organizations or the military but businesses also benefit from including CI in their approach to security. In cybersecurity, counterintelligence is used to support the information security triad of Confidentiality, Availability, and Integrity (CIA). Many organizations practice aspects of CI, but refer to it by different names, including data loss prevention (DLP), malware reverse engineering and network forensics.
RSA Conference underway
RSA, the world’s largest security conference, is underway this week in San Francisco with attendees from around the world gathering to hear the latest strategies for fighting cyberattacks. They’ll also be able to view the latest hardware and software to protect their most valuable corporate assets. Here is a brief description of some new security products being announced at the conference.