Attivo Funding Meets Soaring Threat Detection & Response Demand

Attivo ThreatDefend™ Deception and Response Platform and ePolicy Orchestrator Combined Solutions Seek to Deliver Advanced Threat Management and Response
Attivo ThreatDefend™ Deception and Response Platform and ePolicy Orchestrator Combined Solutions Delivers Advanced Threat Management and Response

Attivo Networks, the leader in deception solutions for cybersecurity defense, and a competitor in the 2017 ‘ASTORS’ Homeland Security Awards Program, today announced it has raised $21 million in Series C venture capital funding.

The funding round was led by Trident Capital Cybersecurity with participation from existing investors Bain Capital Ventures and Omidyar Technology Ventures.

The round of funding follows a $15 million Series B financing in May, representing $36 million raised in the last five months and a collective total of $45.7 million overall.

(Learn about deception technology and the Attivo Networks ThreatDefend Deception and Response Platform. Courtesy of Attivo Networks and YouTube)

This new funding will be used to support further development of the Attivo ThreatDefend™ Deception and Response Platform to address the evolving landscape of threats and attack surfaces and to add counterintelligence functionality.

The company will also use the funds to expand global sales initiatives.

Alberto Yépez, a managing director of Trident Capital Cybersecurity and a pioneer of the cybersecurity industry, will join Attivo Networks board.

Yépez has played significant roles as an entrepreneurial and public company CEO, board member, large company senior executive, serial entrepreneur, and an angel and venture capital investor.

Attivo Networks: Revenues Increased 300 Percent; Attracting Fortune 50 Customers

Alberto Yépez, managing director of Trident Capital Cybersecurity
Alberto Yépez, managing director of Trident Capital Cybersecurity

“Attivo is the clear leader in the emerging space of deception solutions that improves real-time breach detection,” Yépez said.

“Deception puts attackers on the defensive making them work harder and increasing their costs. ”

“High accuracy addresses the issue of too many alarms being reported by existing solutions and incident response is improved with the capture of specific techniques and tools being used by the attacker.”

“This is the primary reason why companies are working closely with the Attivo team to help detect and more effectively respond to sophisticated cyber attacks.”

Attivo Networks“Customers are pleased with Attivo’s ability to close detection gaps and easily integrate with their existing cybersecurity investment increasing their overall efficacy.”

Today’s Series C funding comes at an opportune time for Attivo Networks to expand amid the escalating demand for deception technology across the financial, healthcare, technology, retail, energy, and government sectors.

Further adoption of the cloud with shared security models and a heightened need for specialized device protection of industrial control, Internet of Things, and point-of-sale systems has also fueled company growth.

The company has seen revenues increase 300 percent year over year, accumulated an impressive list of Fortune 50 customers, and is engaged with over 350 companies in evaluation and trials of its deception and response technology.

(Carolyn Crandall, CMO of Attivo Networks, explains the importance of deception technology to FOX news. Courtesy of Fox News, Attivo Networks and YouTube)

FBR Capital Markets has estimated that the deception technology market will grow to $3 billion by 2019, three times its size in 2016.

Rik Turner, Principal Analyst at Ovum
Rik Turner, Principal Analyst at Ovum

Rik Turner, principal analyst, infrastructure solutions at Ovum Consulting, states in the 2017 On the Radar Report, “Unlike other deception vendors, Attivo’s offering extends beyond network- and endpoint-based deception technology into vulnerability assessment and response automation, going as far as enabling threat hunting.”

“Attivo stands out for the dynamic nature of its deception technology, while its combination with response automation puts its product ahead of the pack in this market segment.”

Tushar Kothari, CEO of Attivo Networks
Tushar Kothari, CEO of Attivo Networks

“Achieving 100 percent security is not realistic,” explains Tushar Kothari, CEO of Attivo Networks.

“Organizations must know immediately when their perimeter security controls fail and be able to respond quickly.”

“Attivo Networks deception-based detection efficiently closes this detection deficit.”

“It is not enough to understand how an attacker attacks, you must also know how to defend and respond.”

“Attivo engineering has applied its deep expertise based on years of detecting and analyzing threats to deliver an accurate and scalable solution for detecting advanced threats within today’s evolving attack surface.”

Deception-based detection technology changes the game on attackers.

Taking a page out of military operations, Attivo applies deception-based decoy and attacker luring technologies within the network to deceive and misdirect attackers into revealing themselves.

Deception presents a unique opportunity to change the asymmetric war against cyber attackers, altering their reality and imposing increased cost as they are forced to decipher what is real and what is fake.

It is a rare opportunity to exploit the trust that attackers have, slow their attack, and turn the tide against them.

Enrique Salem, managing director, Bain Capital Ventures

“Attivo’s innovation is impressive and strengthens not only in-network detection but also serves to strengthen a company’s edge defense,” added Enrique Salem, managing director of Bain Capital Ventures.

“Since our initial investment in Attivo in 2015, we continue to see the company chart new territory in deception use cases and in the value it presents to customers.”

“Today we’re particularly excited about Attivo’s creation of deception technology for counterintelligence, opening new opportunities for the government to combat targeted attacks.”

One of the greatest challenges faced by computer security professionals is the inability to detect early credential theft and lateral movement within the computer system or network, reflecting an over reliance on their perimeter defenses.

Attivo Networks

This failing is why attackers are able to remain undetected for extended periods of time and disappear into the litany of alerts practitioners receive.

Due to this crucial issue, a 2016 Ponemon Institute study found that organizations on average took more than six months to identify a security breach, as well as an additional 66 days to contain the breach after discovery.

Chris Bishko, partner, Omidyar Technology Ventures
Chris Bishko, partner, Omidyar Technology Ventures

This lack of detection resulted in 1,935 successful breaches in 2016, according to the Verizon DBIR report.

“Traditional security detection technologies must parse through oceans of data in hope of identifying suspicious activity,” noted Chris Bishko, partner, Omidyar Technology Ventures.

“This exercise is akin to looking for a needle in a haystack.”

“Attivo’s deception solutions address the shortcomings of this paradigm.”

“Deception “tripwires” are placed pervasively throughout the network, alerting on attacker engagement, and reducing the risk of incursions remaining undetected for extended periods, as seen in essentially all recent high-profile breaches.”

Attivo Networks Deception: Award-Winning Technology

Attivo Networks deception is designed for an evolving landscape of threats and attack surfaces.

Deception efficiently sets traps, lures, and high-interaction attacker engagement that attracts and misdirects, regardless of whether the attackers are human (advanced persistent threat (APT), insiders, third party) or automated (malware, scripts, bots).

The attacker movement, tools, techniques, and methods can then be analyzed and shared with existing security controls to isolate infected systems, block the attack, and threat hunt for further infections.

With this information, enterprise security staffers can quickly identify the attacker and prevent the threat from executing their mission.

Deception as an efficient approach to in network detection has been widely recognized by analysts, with Neil MacDonald from Gartner, Inc. recommending it as a 2017 top 10 cybersecurity initiative.

In addition, Attivo Networks has received 19 awards from cybersecurity publications in 2017 alone.

It has also attracted positive coverage from a number of technology analyst firms, including Gartner Inc. (Cool Vendor 2016), 451 Research, Frost and Sullivan, TAG Cyber, Ovum, and Information Security Group (ISG).

Attivo ThreatDefend Response

  • As the attacker engages with the deception environment, the BOTsink multi-correlation engine analyzes the attack and creates the forensic reporting for the incident.
  • This attack information will then create evidence-based alerts and be viewable in a threat intelligence dashboard, in which double click actions can be taken through 3rd party integrations to block and quarantine attackers.
  • Companies and agencies can then create repeatable playbooks based on information that they would like shared with their firewalls, endpoint, NAC, and SIEM solutions, so that their security policies can automatically be applied.
Attivo Deception for Threat Detection
Attivo Deception for Threat Detection

In ICS environments, where human lives and safety can be quickly at risk, it is not enough to simply think like an attacker and know how they get in.

One must think like a responder and have deep expertise in detecting and defending against these attackers.

Attivo engineers have applied their extensive expertise in intrusion detection and protection and have designed the ThreatDefend- BOTsink solution for optimal efficiency for ICS network threat detection and accelerated incident response.

Using Attivo deception, the game has changed, attackers must now be right 100% of the time or be caught, and now when they are, organizations are equipped to quickly and efficiently respond to them.

Attivo Networks ThreatDefend in 2017 ‘ASTORS’ Homeland Security Awards Program

The 2017 ‘ASTORS’ Homeland Security Awards Program, is organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

As an ‘ASTORS’ competitor, Attivo ThreatDefend will be competing against the industry’s leading providers of Innovative IT Intrusion Detection & Prevention Solutions.

American Security Today will be holding the 2017 ‘ASTORS’ Awards Presentation Luncheon at 12:00 p.m. to 2:00 p.m, Wednesday, November 15th at ISC East, the Northeast’s largest security industry event, in the Jacob Javits Exhibition Center in New York City.

At ISC East you will have the chance to meet with technical reps from over 225 leading brands in the security industry, allowing you to find out about new products and stay ahead of the competition.

Encompassing everything from Video Surveillance and Access Control to Smart Home Technologies and Unmanned Security, you’re sure to find products and services that will benefit your company and clients.


Good luck to Attivo ThreatDefend on becoming a Winner of the 2017 American Security Today’s Homeland Security Awards Program!

To learn more about ThreatDefend and Attivo Networks wide range of offerings, please visit the company’s website at