Attivo Networks® Receives Validation for Attivo BOTsink® Deception-Based Threat Detection through BD Product Security Partnership Program
Collaboration advances medical device cybersecurity.
FREMONT, CA – February 14, 2018 – Attivo Networks®, the award-winning leader in deception technology for cybersecurity defense, announced today that it has expanded its IoT portfolio and has received Validation through the BD Product Security Partnership Program for the Attivo BOTsink® deception solution when used with certain BD products. The collaboration with BD (Becton, Dickinson and Company) delivers visibility and improves detection capabilities against potential cyber threats that can impact medical devices.
The Attivo BOTsink® deception-based threat detection solution provides decoys and lures to misdirect potential attackers away from production assets. As a result of this collaboration, the BOTsink solution decoys now offer software to create mirror-match decoy authenticity on certain BD products. This produces an environment where a potential attacker cannot tell what is real and what is fake; ultimately, revealing an attacker’s activities as they try to scan systems or attempt to download malware onto these devices.
Recent large-scale cybersecurity attacks put a spotlight on the potential threats that can affect any industry, including the health care sector, and more specifically, the risks if operations at health care facilities are impacted. For example, some medical devices have high availability requirements, which makes it burdensome to apply security patches without workflow disruption. Additionally, medical devices are often mobile and network connectivity can be transient, making it difficult to implement traditional network security monitoring. The risks of not addressing these security challenges proactively can range from attackers potentially compromising sensitive patient data to threat actors attempting to tamper with medical devices.
“We welcome Attivo Networks to the BD Product Security Partnership Program as an important collaborator in our collective quest to improve cybersecurity across the health care industry,” said Rob Suarez, director of Product Security for BD. “The Attivo BOTsink solution was rigorously tested and validated by BD to tailor their protection technologies to work with our medical technologies, rather than being introduced as an afterthought.”
BD is one of the largest global medical technology companies in the world that develops innovative technology, services and solutions that help advance both clinical therapy for patients and clinical process for health care providers. The Attivo BOTsink deception servers add additional protection to BD Alaris™ infusion systems by placing decoys that appear as production IOT devices to confuse, trip up and detect attackers. BD employed a rigorous evaluation of the Attivo BOTsink technology to ensure it is compatible with certain BD products and performs as indicated. Additionally, the Attivo solution provides attack analysis with indicators of compromise (IOC) and attacker tools, techniques and processes along with actionable forensics for remediation and threat hunting that is applied to identify compromised systems from all places within the network for remediation. Visibility tools will also provide attack path vulnerability assessments and time-lapsed replays, empowering teams with insight into attacker lateral movement and security gaps.
“IoT medical device security is one of today’s greatest challenges for the health care industry. IoT devices inherently have additional security risk based on their operating systems and connections to Wi-Fi networks, and the Internet,” said Marc Feghali, vice president of product management at Attivo Networks. “BD is proactively leading the field by working with Attivo to add a reliable mechanism for early threat detection. By combining their software with Attivo dynamic deception, we have created a fantastic tripwire to alert on potential nefarious behavior.”
About Attivo Networks
Attivo Networks® is the leader in deception technology for real-time detection, analysis, and accelerated response to advanced, credential, insider, and ransomware cyber-attacks. The Attivo ThreatDefend™ Deception and Response Platform accurately detects advanced in-network threats and provides scalable continuous threat management for user networks, data centers, cloud, IoT, ICS-SCADA, and POS environments. Attivo Camouflage dynamic deception techniques and decoys set high-interaction traps to efficiently lure attackers into revealing themselves. Advanced attack analysis and lateral movement tracking are auto-correlated for evidence-based alerts, forensic reporting, and automatic blocking and quarantine of attacks. For more information visit www.attivonetworks.com