Attivo Closes Serverless & Container Security Gaps Through Deception

Attivo Launches Counterintelligence; Bolsters Current Threat and Adversary Intelligence Functionality for Offense-driven Countermeasures
Attivo Networks changes the game on the modern-day human attacker. Deception technology provides a threat defense of traps and lures designed to deceive attackers into revealing themselves. Engagement-based attack analysis, forensics, and 3rd party integrations accelerate incident response.

Attivo Networks, the 2017 Platinum ‘ASTORS’ Homeland Security Award-Winning leader in deception for cybersecurity threat detection, is further enhancing its portfolio with advanced deception techniques designed specifically to accurately detect and derail sophisticated attacks targeting serverless applications in cloud and data center environments.

Created for the dynamic nature of cloud environments as well as shared security models, organizations can now add a proactive defense across traditional data centers and within popular public cloud platforms such as Google Cloud Platform (GCP), Microsoft Azure, and Amazon Web Services (AWS).

Based on their ability to dynamically scale and improve utilization of server resources, serverless and container architectures are rapidly growing in popularity.

However, as with many new technologies, these architectures have advanced ahead of traditional security controls, leaving gaps which attackers can exploit.

Attivo Networks Deception for AWS Serverless Deployments

Attivo Networks Deception for AWS Serverless Deployments

These ThreatDefend™ platform enhancements break new ground in threat detection by covering all attack surfaces and reducing cloud security risks from gaps left by legacy enterprise tools.

ThreatDefend delivers a scalable deception-based defense for the early and accurate detection of credential theft attempts, in-network lateral movement, and advanced attacks targeting critical servers and databases.

Tushar Kothari, CEO of Attivo Networks
Tushar Kothari, CEO of Attivo Networks

“Detecting cloud-based, in-network threats and the lateral movement of attackers has been challenging for legacy security controls,” explains Tushar Kothari, CEO of Attivo Networks.

“By working closely with our customers, Attivo has developed new functionality within our deception offerings that accurately closes detection gaps and reduces risks, further empowering organizations to leverage the maximum benefits of the public cloud environment.”

“We have achieved this without limiting their ability to detect and respond quickly to threats.”

This new functionality builds upon the company’s ThreatDefend deception portfolio, which provides extensive network, application, endpoint, and data deceptions for servers, cloud, user networks, and specialized environments such as IoT (Internet of Things), SCADA (Supervisory Control and Data Acquisition), POS (Point of Sale), network, and telecommunications.

(See a brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform. Courtesy of Attivo Networks and YouTube. Posted on Jun 22, 2018)

Unlike other detection methods that rely solely on signatures, behavioral analysis, or database look-ups, Attivo Networks deception technology provides a preemptive defense based on lures and decoy traps.

Attivo’s new solution proactively deceives and misdirects an attacker into revealing their presence.

Furthermore, since the platform is built with data center scalability in mind, it can easily operate without reliance on physical and virtual machine architectures.

Attivo Networks Kill Chain

The new enhancements expand deception decoys and lures for containers, serverless, and cloud shared security models, which will provide scalable detection of attacker lateral movement, credential harvesting, and a means to verify security controls.

Additionally, platform enrichments include support for Lambda functions and CloudWatch/SIEM (Security Information and Event Management) monitoring for finding attempted use of deception credentials.

The solution works by creating decoys that appear as production containers and by creating deceptive credentials, which can be embedded in container data sources.

(Learn More from Tony Cole, Attivo Networks CTO, as he discusses deception technology at InfoSec Europe in London. Courtesy of Attivo Networks and YouTube. Posted on Jul 20, 2018.)

Collectively, the solution will entice in-network attackers with highly authentic looking credentials, decoys, applications, and database deceptions designed to attract adversaries into engaging.

Any engagement with the deception environment will result in a high-fidelity alert being raised and the collection of threat intelligence.

It will also efficiently pick up policy violations from both the organization and its providers.

Through the deception environment’s collection of attack forensics, organizations will gain valuable insight into attacker intent and threat intelligence required for blocking attacks, threat hunting, and returning adversary mitigation.

These new ThreatDefend enhancements represent Attivo Networks continued efforts in providing the ultimate flexibility in choice when migrating to container or serverless cloud computing, without concern of security threat detection limitations.

Attivo Networks at a Glance

Attivo Networks provides an active defense for early detection, forensics, and automated incident response to in-network attacks.

Furthermore, the Attivo ThreatDefend™ Deception Platform provides a comprehensive and customer proven platform for proactive security and accurate threat detection within user networks, data centers, clouds, and a wide-variety of specialized attack surfaces.

Attivo ThreatDefend

The portfolio includes expansive network, endpoint, application, and data deceptions designed to efficiently misdirect and reveal attacks from all threat vectors.

Advanced machine-learning makes preparation, deployment, and operations fast and simple to operate for organizations of all sizes.

Comprehensive attack analysis and forensics provide actionable alerts, and native integrations automate the blocking, quarantine, and threat hunting of attacks for accelerated incident response.

Attivo Networks Competes in 2018 ‘ASTORS’ Homeland Security Awards Program

AST focuses on Homeland Security and Public Safety Breaking News, the Newest Initiatives and Hottest Technologies in Physical & IT Security, essential to meeting today’s growing security challenges.

2017 ASTORSThe 2018 ‘ASTORS’ Homeland Security Awards Program, is organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, Border Security, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.

As an ‘ASTORS’ competitor, Attivo Networks will be competing against the industry’s leading providers of Innovative Cybersecurity, Intrusion Detection, Threat Intelligence and Vulnerability Management Solutions.

To Learn More about the ‘ASTORS’ Homeland Security Awards Program, see 2017 ‘ASTORS’ Homeland Security Award Winners Honored at ISC East.

The 2017 ‘ASTORS’ Homeland Security Awards Presentation Luncheon
The 2017 ‘ASTORS’ Homeland Security Awards Presentation Luncheon

Over 100 distinguished guests from National, State and Local Governments, and Industry Leading Corporate Executives from companies allied to Government, gathered from across North America and the Middle East to be honored from disciplines across the Security Industry in their respective fields which included representatives from:

  • 2018 ASTORSThe Department of Homeland Security(DHS) Science and Technology Directorate (S&T)
  • U.S. Customs and Border Protection
  • The Department of Justice
  • The Security Exchange Commission
  • State and Municipal Law Enforcement Agencies
  • The Royal Canadian Mounted Police
  • Leaders in Private Security

American Security Today will be holding the 2018 ‘ASTORS’ Awards Presentation Luncheon to honor Nominees, Finalists and Winners on November 14, 2018 at ISC East 2018 in New York City.

Last Call for the 2018 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.

Good luck to Attivo Networks on becoming a Winner of the 2018 American Security Today’s Homeland Security Awards Program!

To Learn More about the Attivo ThreatDefend™ Deception Platform, please visit www.attivonetworks.com.

Attivo Networks logoThe highlight of the 2018 AST Homeland Security Awards Season will be the 2018 ‘ASTORS’ Awards Presentation Luncheon to honor Nominees, Finalists and Winners on November 14, 2018 at ISC East 2018 at the Jacob Javits Exhibition Center.

Join us in Recognizing these Industry-Leading Firms for their Outstanding Product Development  Achievements, Exciting New Technologies and Innovative Education Programs to address the growing Homeland Security Threats our Nation is facing.

Exclusive luncheon and networking opportunity at ISC East 2018.
Exclusive luncheon and networking opportunity at ISC East 2018.

Take advantage of this exclusive luncheon opportunity to Invite your Guests, Clients and Show Visitors to a lovely & affordable plated meal event in the heart of New York City, for a Fabulous Networking Opportunity!

ISC East is the Northeast’s largest security industry event and your ‘ASTORS’ Awards Luncheon registration includes complimentary attendee access to the show.

Already Exhibiting and/or Attending the 2018 ISC East Conference?

Join us to meet the 2018 ‘ASTORS’ Award Winning Company Executives & Government Agency Representatives.

Register today for the ‘ASTORS’ Homeland Security Awards Luncheon on November 14th, in New York City and give yourself & your clients a break from the show!

Gourmet luncheon choices available per person, or reserve a table – make an Impression on your Guests and Receive an Exclusive Discount Opportunity.

To Learn More about the AST 2018 ‘ASTORS’ Homeland Security Awards Program and Luncheon, please contact Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com or call 732.233.8119 (mobile) or 646-450-6027.