How Attivo Networks Strengthens Active Directory Defense

Published: August 21, 2020 in Attivo News

Attivo’s ADSecure has a unique take on protecting AD; it uses the age-old art of deception with an added twist of concealment. ADSecure is designed to deceive even the most aggressive intruders with decoys and other techniques rooted in the world of deception.

ADSecure breaks from the traditional approach to deception found in the company’s other products, which protect IT assets, data and intellectual property from the ills of the cyberattacker community. Rather than laying decoy traps and obfuscating the bait among real credentials or artifacts, the company has chosen simply to deny the attacker the ability to see and touch AD altogether.

ADSecure brings together numerous security capabilities to protect AD from compromises. At its most basic level, the platform detects unauthorized queries to AD. It reduces the risk that those queries present by misdirecting attackers to decoys, protecting legitimate AD objects from exposure and compromise. Ultimately that reduces the attack surface of AD.

What’s more, by misdirecting attackers into a deception environment, the platform can safely gather TTPs (tactics, techniques and procedures), which can be used to develop threat intelligence, provide forensics and create an accelerated response.

Arguably, the most important capability of ADSecure is how it can detect and prevent lateral attacks. For example, if an attacker attempts to harvest Active Directory data, ADSecure responds by providing the attacker with what looks like meaningful information but is, in fact, false data. The attacker believes that they have successfully gathered critical information, yet that information is useless, and all details of the attack have been recorded without the attacker even knowing.

But there is much more to ADSecure than defending against lateral attacks. The module can also identify whether stolen credentials are being used, a growing problem as more and more workers shift to home or remote workplaces.

In the past, compromises impacting Active Directory and the harvesting of Active Directory data were a major concern for organizations using AD. Yet there was really no effective way to automate the protection of AD, and it was very difficult, if not impossible, to detect the theft of AD data. It was a weakness amplified by the introduction of cloud services and resources that were also dependent upon AD. ADSecure effectively brings automated protection to Active Directory, which was once thought impossible.

Read the complete ADSecure product review here in

