Attivo Networks, the 2017 Platinum ‘ASTORS’ Homeland Security Award-Winning leader in deception for cybersecurity threat detection, is further enhancing its portfolio with advanced deception techniques designed specifically to accurately detect and derail sophisticated attacks targeting serverless applications in cloud and data center environments.
Created for the dynamic nature of cloud environments as well as shared security models, organizations can now add a proactive defense across traditional data centers and within popular public cloud platforms such as Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS).
Based on their ability to dynamically scale and improve utilization of server resources, serverless and container architectures are rapidly growing in popularity.
However, as with many new technologies, these architectures have advanced ahead of traditional security controls, leaving gaps which attackers can exploit.
Attivo Networks Deception for AWS Serverless Deployments
These ThreatDefend™ platform enhancements break new ground in threat detection by covering all attack surfaces and reducing cloud security risks from gaps left by legacy enterprise tools.
ThreatDefend delivers a scalable deception-based defense for the early and accurate detection of credential theft attempts, in-network lateral movement, and advanced attacks targeting critical servers and databases.
“Detecting cloud-based, in-network threats and the lateral movement of attackers has been challenging for legacy security controls,” explains Tushar Kothari, CEO of Attivo Networks.
“By working closely with our customers, Attivo has developed new functionality within our deception offerings that accurately closes detection gaps and reduces risks, further empowering organizations to leverage the maximum benefits of the public cloud environment.”
“We have achieved this without limiting their ability to detect and respond quickly to threats.”
This new functionality builds upon the company’s ThreatDefend deception portfolio, which provides extensive network, application, endpoint, and data deceptions for servers, cloud, user networks, and specialized environments such as IoT (Internet of Things), SCADA (Supervisory Control and Data Acquisition), POS (Point of Sale), network, and telecommunications.
(See a brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform. Courtesy of Attivo Networks and YouTube. Posted on Jun 22, 2018)
Unlike other detection methods that rely solely on signatures, behavioral analysis, or database look-ups, Attivo Networks deception technology provides a preemptive defense based on lures and decoy traps.
Attivo’s new solution proactively deceives and misdirects an attacker into revealing their presence.
Furthermore, since the platform is built with data center scalability in mind, it can easily operate without reliance on physical and virtual machine architectures.
The new enhancements expand deception decoys and lures for containers, serverless, and cloud shared security models, which will provide scalable detection of attacker lateral movement, credential harvesting, and a means to verify security controls.
Additionally, platform enrichments include support for Lambda functions and CloudWatch/SIEM (Security Information and Event Management) monitoring for finding attempted use of deception credentials.
The solution works by creating decoys that appear as production containers and by creating deceptive credentials, which can be embedded in container data sources.
(Learn More from Tony Cole, Attivo Networks CTO, as he discusses deception technology at InfoSec Europe in London. Courtesy of Attivo Networks and YouTube. Posted on Jul 20, 2018.)
Collectively, the solution will entice in-network attackers with highly authentic looking credentials, decoys, applications, and database deceptions designed to attract adversaries into engaging.
Any engagement with the deception environment will result in a high-fidelity alert being raised and the collection of threat intelligence.
It will also efficiently pick up policy violations from both the organization and its providers.
Through the deception environment’s collection of attack forensics, organizations will gain valuable insight into attacker intent and threat intelligence required for blocking attacks, threat hunting, and returning adversary mitigation.
These new ThreatDefend enhancements represent Attivo Networks continued efforts in providing the ultimate flexibility in choice when migrating to container or serverless cloud computing, without concern of security threat detection limitations.
Attivo Networks at a Glance
Attivo Networks provides an active defense for early detection, forensics, and automated incident response to in-network attacks.
Furthermore, the Attivo ThreatDefend™ Deception Platform provides a comprehensive and customer proven platform for proactive security and accurate threat detection within user networks, data centers, clouds, and a wide-variety of specialized attack surfaces.
The portfolio includes expansive network, endpoint, application, and data deceptions designed to efficiently misdirect and reveal attacks from all threat vectors.
Advanced machine-learning makes preparation, deployment, and operations fast and simple to operate for organizations of all sizes.
Comprehensive attack analysis and forensics provide actionable alerts, and native integrations automate the blocking, quarantine, and threat hunting of attacks for accelerated incident response.
Attivo Networks Competes in 2018 ‘ASTORS’ Homeland Security Awards Program
AST focuses on Homeland Security and Public Safety Breaking News, the Newest Initiatives and Hottest Technologies in Physical & IT Security, essential to meeting today’s growing security challenges.
The 2018 ‘ASTORS’ Homeland Security Awards Program, is organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, Border Security, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.
As an ‘ASTORS’ competitor, Attivo Networks will be competing against the industry’s leading providers of Innovative Cybersecurity, Intrusion Detection, Threat Intelligence and Vulnerability Management Solutions.
To Learn More about the ‘ASTORS’ Homeland Security Awards Program, see 2017 ‘ASTORS’ Homeland Security Award Winners Honored at ISC East.
Over 100 distinguished guests from National, State and Local Governments, and Industry Leading Corporate Executives from companies allied to Government, gathered from across North America and the Middle East to be honored from disciplines across the Security Industry in their respective fields which included representatives from:
- The Department of Homeland Security(DHS) Science and Technology Directorate (S&T)
- U.S. Customs and Border Protection
- The Department of Justice
- The Security Exchange Commission
- State and Municipal Law Enforcement Agencies
- The Royal Canadian Mounted Police
- Leaders in Private Security