Support Login.

3 × 5 =

 

Technology Integrations and Cyber Security Partnerships

Attivo Networks Integration Solutions

The best protection against cybersecurity attackers is to have an adaptive security defense, which is based on prevention, detection, and response systems working together to provide early detection, continuous threat management, and accelerated response. Attivo works actively with industry leading providers of firewall, NAC, SIEM, malware database solutions to share attack information and reduce the complexity and time associated with dealing with cyber threats. Below is a list of our integration and strategic go-to-market partners that are working together to bring these integrated solutions to markets across the globe.

Integration Partners:

 

Amazon Web Services

Attivo Networks provides the industry’s first globally scalable deception technology solution that detects inside-the-network threats across enterprise, private and public clouds. The Attivo BOTsink platform efficiently detects threats within all network and Amazon Web Services data center environments with the Attivo Central Manager providing universal control and centralization of threat intelligence for its global BOTsink deployments.

Aruba, a Hewlett Packard Enterprise Company

Attivo Networks has partnered with Aruba, a Hewlett Packard Enterprise company to deliver a highly scalable network access solution integrating the Attivo Networks Deception Platform and Aruba ClearPass platform. This integration provides customers with the ability to identify users and devices on wired and wireless networks, detect threats in real-time, gather attack analysis and automatically remediate suspect devices based on intent – regardless of user role or device type.

Blue Coat

Attivo Networks and Blue Coat have automated the sharing of forensic data gathered by the Attivo BOTsink Deception Platform with the Blue Coat ProxySG. The speed of detection and remediation are critical to the well-being of our joint customers as they can benefit from the ability to instantly block infected end-points and promptly defend against additional cyber attacks.

Carbon Black

Attivo Networks has partnered with Carbon Black to provide organizations early detection of in-network threats, automated response actions based on deception server engagement, and the ability to query Carbon Black servers for additional forensic artifacts on other infected systems. The integrated solution, which includes the Attivo Deception and Response Platform and the Carbon Black Platform will provide organizations an advanced level of visibility and improve overall threat management operations by simplifying information sharing and automating incident response actions.

Check Point Software Technologies Ltd. 

Attivo Networks has partnered with Check Point Software Technologies Ltd. to deliver an integrated solution between Attivo Deception Platform and the Check Point R80 that empowers continuous threat management using dynamic deceptions for real-time detection and analysis and enables accelerated response to cyber incidents. Detailed attack forensics shared automatically with Check Point Firewall allows prompt blocking to prevent exfiltration of data.



Cisco

Attivo Networks has partnered with Cisco to deliver an integrated solution between the Attivo BOTsink and the Cisco ISE leveraging the new pxGrid technology for the real-time detection, analysis, and automated blocking of BOTs, APTs and internal threat actors. With this joint solution, customers can utilize Attivo attack forensic information and create policies to automatically block and quarantine endpoints based on suspicious activity.

ForeScout

Attivo Networks has partnered with ForeScout to deliver an integrated solution between the Attivo Networks Deception Platform and ForeScout CounterACT. This joint solution allows customers to detect threats in real-time, gather attack analysis and choose to manually or automatically block attackers and quarantine end-points based on suspicious activity. Additionally, the integration can be used for easy and centralized deployment of the Attivo Endpoint Suite.

Fortinet

Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. More than 280,000 customers worldwide trust Fortinet to protect their businesses. Learn more at http://www.fortinet.com



Hewlett-Packard Enterprise

Attivo Networks Deception and Response Platform and HPE ArcSight have partnered to provide continuous threat management using dynamic deceptions for the real-time detection, analysis, event correlation and accelerated response to cyber incidents. Substantiated alerts and detailed attack forensics shared with HPE ArcSight, and the ability to query usage of deceptive credentials from ArcSight enhances visibility and prioritization of critical events for a prompt incident response.



Intel Security

The deception-based Attivo BOTsink® solution is now available as an integrated solution with the Intel Networks Security Platform (NSP). The BOTsink solution will add insight into the Intel Security Platform providing detailed forensic information on attacker methods, malicious domains and provide snort signatures based on Botnet methods and behavior that can be used to block infected systems from exfiltrating valuable company data or other malicious intent.

Juniper Networks

Attivo Networks provides a complimentary line of defense to perimeter security solutions and detects cyber attacks that have by-pass all other security prevention solutions. Attivo dynamic deception provides the detection and visibility into BOTs and APTs that are in the network and through integration, the BOTsink solution will update the Juniper Networks SRX Series Firewalls to quarantine infected nodes dramatically reducing the time required for detection, quarantining, and remediation.

McAfee Enterprise Security Manager

Attivo Networks Deception and Response Platform and McAfee ESM have collaborated to provide continuous threat management using dynamic deceptions for the real-time detection, analysis, event correlation and accelerated response to cyber incidents. Substantiated alerts and detailed attack forensics shared with McAfee ESM enhances visibility and helps prioritize critical events for prompt incident response.

McAfee ePolicy Orchestrator

Attivo Networks® Deception and Response Platform and McAfee ePolicy Orchestrator are integrated to offer customers a collective defense solution that empowers detection of real-time threats, gathering of attack analysis, manual or automated blocking of attacks and quarantining of endpoints based on suspicious activity. The combined solution also offers a centralized portal that allows easy deployment of the ThreatStrike Suite at endpoints. Together, the solution allows continuous threat management through early detection, analysis, and remediation capabilities.

Palo Alto Networks

Attivo Networks and Palo Alto Networks have teamed up with NextGen firewall and BOTsink deception server integration to provide early threat detection and the automatic blocking of attacks. With this integration, customers have the ability to detect in-network threats, analyze attacks, and automate incident response actions improving an organization’s defense against advanced threats. 

IBM

Attivo Networks Deception and Response Platform integrates with IBM® QRadar®. IBM QRadar Security Intelligence Platform provides a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, incident forensics, incident response, and configuration and vulnerability management. It uses an advanced Sense Analytics Engine to detect advanced threats while providing greater ease of use and lower total cost of ownership.

 

SPLUNK

Attivo Networks Deception and Response PlatformTM integrates with Splunk® that is well-known for its Log Management capabilities and also for its SIEM solutions. The integration provides the ability for the Attivo solution to query the SIEM for the use of deception credentials and for the solution to automatically push found attack information to the Splunk solution for improved threat prevention.  The solution is also supported by the Splunk app.

 

               Go-to-Market Partners:

l

Cloud Harmonics

Cloud Harmonics is an Attivo Networks authorized distribution and training partner and provides channel partners with training, advanced services, and integrated technologies that add value to security, infrastructure, and cloud solutions. With Attivo in its portfolio, Cloud Harmonics will provide comprehensive security solutions that improve both cloud and security administrators’ ability to immediately detect, quarantine, and remediate cyber threats.

Macnica Networks

Macnica Networks is an Attivo Networks authorized distributor in Japan and provides channel partners with integrated technologies that add value to security and infrastructure. With Attivo in its portfolio, Macnica Networks will provide comprehensive security solutions that enable organizations to have an adaptive defense built on the ability to immediately detect, quarantine, and remediate cyber threats.

Starlink

Starlink is an Attivo Networks authorized distributor in the Middle East and provides channel partners with integrated technologies that add value to security and infrastructure. With Attivo in its portfolio, Starlink will provide comprehensive security solutions that enable organizations to have an adaptive defense built on the ability to immediately detect, quarantine, and remediate cyber threats.

immixGroup

immixGroup is Attivo’s authorized Federal distributor and GSA Aggregator, providing Federal partners with value-added services related to Government marketing and procurement, as well as access to the entire Attivo line of deception-based solutions.

 

AFCEA

Attivo Networks is proud to be a Small Business Member of AFCEA, an member-based organization providing a forum for military and government communities to connect with security and technology professionals.

FS-ISAC

Attivo Networks is an Affiliate Board Advisor of the Financial Services Information Sharing and Analysis Center (FS-ISAC), a community of financial organizations working together to share cyber and physical threat intelligence and combat cybercrime activities. FS-ISAC is unique in that it was created by and for members and operates as a member-owned non-profit entity.

Attivo is the first deception-based threat detection provider to join the FS-ISAC as an Affiliate Board Advisor.

 

NH-ISAC

Attivo Networks is Navigator sponsor of the National Healthcare and Information Sharing and Analysis Center (NH-ISAC), an community of non-profit and for-profit healthcare stakeholder who are seeking protection of valuable PHI (personal health information) and compliance with Federal HIPAA regulations and standards, driving the assurance of patient health and life safety and fostering continuity of operations. Joining NH-ISAC is one of the best ways health and public health services firms can do their part to protect the industry and its vital role in critical infrastructure.

Attivo is the first deception-based threat detection provider to join the NH-ISAC as an Affiliate Board Advisor.

HIMMS

Attivo Networks is a Gold Member of Healthcare Information and Management Systems Society (HIMSS), a cause-based non-profit network of health IT professionals positively transforming healthcare through the best use of information technology in the United States and Canada.

ISSA

Attivo Networks is a Sponsored Member of Information Systems Security Association (ISSA), a community for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

U.S. Department of Homeland Security and the National Cyber Security Alliance

Attivo Networks is proud to participate in the National Cyber Security Awareness Month (NCSAM) Champion Program. Created under the leadership of the U.S. Department of Homeland Security and the National Cyber Security Alliance, the goal of NCSAM is similar to a core Attivo corporate goal: raising awareness about the number and sophistication of BOTs and advanced persistent threats (APTs) that target our critical information every day.