By Carolyn Crandall, CMO
We participated in Black Hat 2016 and came back excited at the new opportunities available for Attivo. I was personally respectfully impressed by how resourceful cyber attackers have become – it is mind blowing that even our smart light bulbs can leave us susceptible to attack! As one of the go-to events for the information security community, we appreciated the opportunity to educate and update attendees on Attivo solutions, as well as launch our latest version of software and offering of ThreatPath™ for attack path prediction at Black Hat!
At this year’s event, we witnessed an unprecedented number of attendees (20,000) and much discussion on deception technology – including how it can be leveraged to detect and disrupt cyber attackers. In addition to deception, other hot topics included IoT and endpoint security.
Throughout the news there is talk of the latest smart devices: cars, homes, and refrigerators – even light bulbs; while convenient, these devices pose a major target for hackers. To address this popular trend and its accompanying risks, Black Hat provided attendees the opportunity to assess and exploit the security of these smart devices during its “Offensive IoT Exploitation” course. This course provided attendees the opportunity to get an in-depth understanding of how to identify attack surfaces, find vulnerabilities and then finally exploit these vulnerabilities.
The new Attivo Deception Platform, announced in May, can be configured look identical to IoT systems based on XMPP, COAP, MQTT, HL7 and DICOM based PACS servers in their networks. Attivo BOTsink® engagement servers and decoys can then be customized to appear as production IoT gateway servers and services, deceiving attackers into thinking they’re authentic. By engaging with decoys and not with production devices, attackers reveal themselves and can be quarantined and studied for detailed forensics that can be used for blocking, remediation and future attack prevention.
There was a lot of buzz about endpoint security and how it can most effectively be leveraged, given today’s security risks. We were excited to highlight our Attivo End-point Deception Suite, an agentless, customizable, and non-intrusive technology – used to identify targeted attacks of infected end-points, the use of deception stolen credentials, and ransomware attacks on networked drives. Attendees were intrigued with deception as a way to detect threats as they onramp through social engineering, stolen credential, man-in-the-middle and other forms of attack.
Attendees were excited to learn about the expansion and enhancement of our ThreatMatrix™ Deception and Response Platform – most specifically, our ThreatPath™solution. Attendees who stopped by our booth were excited about our latest solution, which provides an attack path vulnerability assessment based on likely attack paths that an attacker would have traversed through misconfigured systems or credential misuse. The ThreatMatrix Deception and Response Platform is designed to provide early detection of cyber attacks from all threat vectors including zero-day, stolen credential, ransomware and phishing attacks that are renowned for bypassing traditional prevention systems. The platform is designed for early detection of threats, accelerated incident response and strengthening of prevention systems based on attack information gathered while deceiving and engaging attackers.
It was a valuable experience participating at Black Hat and hearing from attendees their interest and perspectives on deception and our new product offerings. I also enjoyed listening and learning about the latest in cyber threats and new strategies to identify and mitigate these threats. We look forward to Black Hat 2017, where we will continue to up the ante for comprehensive deception and response solutions. Until then, be sure to check our site and blog for company updates!