Cyber Defense Magazine - Annual RSA Conference 2019 - Print Edition
Cyber Defense Magazine - Electronic Version - Annual RSA Conference 2019 - Print Edition
Prior investments made for in-network threat detection have been historically low, driven by detection technologies that generated false alarms or were limited to only detecting known attacks. Attivo brings forward a different approach to detection, which provides tremendous value based on its ability to accurately detect threats, raise only high-fidelity substantiated alerts, and provide native integrations for automated incident response.

Deception technology provides organizations the ability to create a proactive defense against the adversary. This includes setting decoy landmines lying in wait for the attacker, proactive luring for revealing in-network attackers, and the ability to collect rich adversary intelligence that can be used to verify eradication of threats, mitigation of returning perpetrators, and fortifying overall defenses. DecoyDocs can also be insightful for understanding what an attacker is targeting and the geolocation of opened documents.

Attivo commercial-grade deception has removed prior scalability and operational management barriers that had limited the adoption of earlier deception technologies. The company’s use of machine self-learning automates the preparation, deployment, and ongoing maintenance of the deception environment, and the solution’s flexible architecture makes deploying across datacenters, cloud, user networks, remote locations, and specialized networks quick and easy. It is now so simple that customers report that it takes less than 5% of one FTE’s time to manage the Attivo deception platform.

It is notable that Gartner is recommending deception technology as a top 10 strategic technology trend for 2018 and views Attivo Networks as a market leader with the most mature and comprehensive portfolio.

Attivo ThreatDefend Deception and Response Solution:

The ThreatDefend Platform provides a powerful security control for early threat detection and for applying a proactive defense that can be used to change the asymmetry of an attack. As the most comprehensive and scalable platform on the market, Attivo dynamic traps, bait, and lures provide threat deception for today’s evolving attack surfaces including networks, cloud, data centers, remote offices, and specialized environments such as IoT, medical IoT, ICS-SCADA, POS, infrastructure, and telecommunications. By creating attractive and believable decoys, the solution turns the network into a virtual “hall of mirrors” that disrupts an attacker’s reality and imposes increased cost as they are forced to decipher real from fake. One small mistake will reveal the attacker’s presence and force them to start over or abandon their efforts altogether. The ThreatDefend architectural approach also removes the debate of whether deception is best suited at the endpoint or within the network by providing both. Deployment at the endpoint and at the network level provides early and accurate detection of attacks from all threat vectors including reconnaissance, credential theft, Active Directory, and complex man-in-the-middle attacks. The company has also pioneered machine self-learning, which automates the preparation, deployment, and maintenance of the deception environment. Ease of management combined with actionable high-fidelity alerts makes the ThreatDefend solution simple for organizations of all sizes to operate, without the need for adding incremental resources.