Cyber attackers have repeatedly proven that they can and will get inside the networks of even the most security-savvy organizations. Whether the attacker finds their way in through the use of stolen credentials, zero-day exploitation, a ransomware attack or simply start as an insider, they will establish a foothold and will move laterally throughout the network until they can complete their mission.
A modern day adaptive defense requires a blend of prevention and detection solutions. The Attivo Deception Platform is a highly efficient detection solution that uses deception and decoy techniques to entice engagement with WWW Robots (BOTs) and Advanced Persistent Threats (APTs) that are inside networks and are seeking ways to escalate privileges and launch their attack. The Attivo Deception Platform is designed to catch all threat types that have bypassed even the most sophisticated prevention systems. Using deceptive credentials, lures, and deceptive systems deployed throughout the network, the Attivo BOTsink solution will detect and identify the attacker and will generate detailed attack forensic information. Through integration with the Forescout platform, the BOTsink will automatically provide the attack information required to block and quarantine the infected endpoint to stop any exfiltration of data or lateral movement of the attacker, which would be used to infect additional systems.
The integration of the Forescout platform with the Attivo Deception Platform is very simple to set up and in minutes, organizations can have an integrated adaptive security platform that provides effective prevention, real-time detection of cyber attackers, and the ability to automatically block and quarantine infected systems so that data is not exfiltrated or additional endpoints infected.
The highlights include
- Real-time Threat Detection
- Attack Analysis and Forensics
- Automated Quarantine and Blocking
- Expedite Incident Response
- End-point Deception Credentials Distribution