Early Threat Visibility and Accelerated Incident Response Arm Organizations to Combat Advanced Cyber Attackers
FREMONT, Calif., Dec 19, 2016 – Attivo Networks®, the award-winning leader in deception for cyber security defense, announced today that the company has joined the Aruba, a Hewlett Packard Enterprise company, ClearPass Exchange Partner program for the integration of its ThreatMatrix™ Deception Platform and the Aruba ClearPass Policy Management solution. The integration brings together advanced threat detection and policy-based remediation capabilities into a comprehensive solution that provides early threat visibility, attack analysis, and the automatic quarantine of infected systems to prevent the lateral spread of malicious malware and exfiltration of data.
Attivo Networks is regularly recognized for its industry leading ThreatMatrix Deception and Response Platform, which was recently enhanced. The platform takes an innovative approach to real-time in-network threat detection, attack analysis, and automation of incident response actions. Designed for early detection of external and internal cyberattacks, the solution provides early visibility to attacks from all threat vectors including zero-day, stolen credential, ransomware and phishing attacks that are renowned for evading traditional prevention systems. The ThreatMatrix platform supports a wide variety of prevention system and SIEM integrations for information sharing, automated attack correlation, and accelerated attack quarantine and blocking. The scalable design of the solution supports friction-less deployment in user networks, data centers, cloud, IoT, ICS-SCADA, and POS environments.
The Aruba ClearPass solution provides a cohesive role- and device-based network access control (NAC) services for any multivendor wireless, wired and VPN environment. ClearPass delivers centrally managed enterprise-grade mobility, thus enhancing visibility, consistent policy enforcement and workflow automation for employee, guest and IoT use cases. The solution includes device profiling for IoT, corporate and Bring Your Own Device monitoring, guest access, authorization, authentication, and accounting (AAA) and non-AAA services, and built-in troubleshooting and reporting tools.
Together, the solution empowers organizations with effective endpoint control through real-time detection of cyber-attacks, forensic analysis, and automated incident response. The Attivo solution can detect all kinds of threats including advanced threats, stolen credentials, ransomware, and insider attacks on networks, data centers, cloud, IoT, SCADA and POS systems. High-fidelity alerts and attack forensics generated by the ThreatMatrix platform are automatically shared with Aruba ClearPass to quarantine or blacklist the infected endpoints from the network using real-time policy enforcement changes that block communications with the attackers Command and Control (CNC), thus preventing further infection or harm. The combination of early detection, enhanced visibility into attack details and effective threat containment provides a highly efficient platform for continuous threat management.
“As legacy perimeter and signature-based defenses have reduced in their efficacy, a sharper focus must be put on detecting and understanding exactly how the attacks are carried out and on designing appropriate response systems to disrupt their efforts,” said Carolyn Crandall, CMO of Attivo Networks. “Together with Aruba, customers can detect the attacker’s presence in real-time, generate full TTP on the attacks and stop the attacker’s advances by instantly quarantining them off the network. The time saved can give security teams the advantage of containing the attack before any mass damage is done.”
“The Aruba ClearPass integration with Attivo provides our customers with a security solution that looks at East-West traffic and provides an automated way to change the status of the device type,” said Trent Fierro, Director, Software Marketing, Aruba. “This helps solve concerns for threats that emanate from traditional laptops to IoT.”
About Attivo Networks
Attivo Networks® is the leader in deception technology for real-time detection, analysis, and accelerated response to cyber-attacks. The Attivo ThreatMatrix™ Deception and Response Platform accurately detects advanced in-network threats and provides scalable continuous threat management for user networks, data centers, cloud, IoT, ICS-SCADA, and POS environments. Attivo Camouflage dynamic deception techniques and decoys efficiently lure and deceive attackers into revealing themselves while attack path and lateral movement tracking provide accurate visibility to advanced, credential, ransomware, and insider threats that have evaded prevention systems. The solution’s automated attack analysis and forensic reporting provides evidence-based alerts, and auto-blocking and quarantine of attacks for accelerated incident response. For more information visit www.attivonetworks.com
Follow Attivo Networks: Twitter and Linked In