As deception technology experiences greater attention and adoption, attackers will seek to detect its presence and circumvent basic detection techniques.
The Attivo ThreatDefend Platform, from Attivo Networks, a competitor in the 2017 ‘ASTORS’ Homeland Security Awards Program, is designed to deceive and captivate the most sophisticated of attackers, even those who may be anticipating deception-based defenses.
(See a brief introduction to deception technology and the Attivo Networks ThreatDefend™ Deception and Response Platform. Courtesy of Attivo Networks and YouTube
Attivo ThreatDefend now integrates with the McAfee ePolicy Orchestrator® (McAfee ePO™) platform to provide a comprehensive solution for advanced threat management and response.
This technology integration combines the Attivo ThreatDefend Platform with the McAfee ePO console for increased detection of in-network threats, detailed attack forensics and accelerated incident response.
Additionally, Attivo Networks has joined the McAfee Security Innovation Alliance™ (SIA) partner program.
Under the SIA program, the companies will work together to integrate ThreatDefend technology with McAfee Advanced Threat Defense, providing customers an adaptive defense solution to combat modern day advanced threats.
“Providing our mutual customers with better data protection and an improved threat defense lifecycle are the top priorities for the McAfee Security Innovation Alliance,” said D.J. Long, head of the McAfee Security Innovation Alliance.
“Partnering with Attivo to combine the strengths of both companies is key to being able to deliver on those goals, and minimize the toll of the advanced threats targeting business, government and consumer data.”
The Attivo Networks ThreatDefend Platform creates an in-network deception environment designed to outmaneuver modern-day attackers and deceive them into revealing their presence.
Changing the balance of power the platform makes the entire network a trap and creates a setting where what is real and what is not becomes unclear to the attacker.
One wrong move and the attacker’s presence is exposed.)
(Learn More, as Carolyn Crandall, CMO of Attivo Networks, explains the importance of deception technology to FOX news.Courtesy of Attivo Networks and YouTube)
High-interaction network and end-point deception lures and decoys reduce time to detection, while automated attack analysis, high-fidelity alerts, third-party integrations, and playbooks accelerate incident response.
Visibility tools provide attack path vulnerability assessments and time-lapsed replays, empowering teams with insight into attacker lateral movement and security gaps.
With the ThreatDefend solution, customers can conveniently start with base detection capabilities and expand platform usage based upon their business requirements.
Attivo ThreatDefend technology integration with McAfee ePO ensures a frictionless deployment of the Attivo ThreatStrike™ suite across multiple endpoints simultaneously.
When attackers attempt to harvest deceptive credentials, extract information or attempt to encrypt mapped drives, they are directed to the Attivo BOTsink engagement server’s automated threat analysis (ATA) engine, which:
- Identifies the infected system
- Captures the Tools, Techniques, Procedures (TTP), and
- Relays an engagement-based alert to the McAfee ePO
- Arming security teams with critical information to promptly quarantine infected systems and mitigate ongoing risks
The compatibility certification also includes Attivo ThreatDefend platform integration with McAfee Enterprise Security Manager where the combined solution enhances the value to an organization’s threat management infrastructure through streamlined information sharing and response automation.
This joint solution provides visibility and control over security events by helping cut through the noise of billions of logged events, in turn empowering prioritization of critical incidents and early response and remediation to high-fidelity alerts leading to a reduction in the organization’s risk of breaches and data loss.
“Together, these solutions empower customers to continuously monitor their network health, gauge anomalies in real-time, and automate incident response,” said Attivo Networks CEO, Tushar Kothari.
“This certification serves as validation that the solution has passed rigorous compatibility testing and is ready for enterprise grade deployment.”
“We are also excited to be a part of the McAfee Security Innovation Alliance program, where we can work together to help customers build an adaptive security defense against advanced threats.”
As part of the commitment by Attivo Networks and McAfee to provide advanced security solutions to protect against cyber threats, the unified solution is designed to both expand centralized visibility and management of attacks and drive continuous improvements that help detect new threats faster and enable automated workflows to rapidly correct them.
Attivo Networks in 2017 ‘ASTORS’ Homeland Security Awards Program
The 2017 ‘ASTORS’ Homeland Security Awards Program, organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’
As an ‘ASTORS’ competitor, Attivo Networks will be competing against the industry’s leading providers of Innovative Integrated Security Management Solutions.
Good luck to Attivo Networks on becoming a Winner of the 2017 American Security Today’s Homeland Security Awards Program!
To learn more about Attivo Networks wide range of offerings, please visit the company’s website at https://attivonetworks.com/