Attivo ThreatDirect Deception Forwarder Technology

Why Customers Choose ADSecure for Active Directory Protection

Innovative Active Directory security against attacks targeting critical production objects

With the ADSecure solution, organizations gain Active Directory security without interfering with production Domain Controllers. When an attacker queries AD, the solution hides real results, creating an altered reality that misdirects the attack. Organizations can now hide valuable enterprise resource information to reduce the attack surface. By misdirecting attackers into the deception environment, the platform can safely study the attack to gather Tactics, Techniques, and Procedures (TTPs) and company-specific threat intelligence for accelerated response.

ADSecure Module Capabilities

Protect

Hide real data, reduce
the attack surface.

Comprehensive

Supports all popular
Microsoft AD objects

Visibility

Deep Telemetry
for awareness and
Threat Hunting

Discreet

Adds deceptive objects
without impacting
production AD

ADSecure ™ Active Directory Security Solution

Active Directory Protection without affecting production.

Sequence

01 The attacker compromises a production PC

02 The attacker uses an application to query AD for Domain admin accounts

03 The AD server responds with production results

04 ADSecure hides the production results to reduce the attack surface

05 ADSecure presents deceptive data to misdirect the attacker

06 Attacker follows decoy credentials to deception environment

USE CASES

Privileged Credentials
- — Active Directory Protection against privileged credential theft with decoy credentials
Service Accounts
- — Gain visibility into service account compromises that allow attackers to access elevated privileges on endpoints
Shadow Admin Accounts
- — Identify ACL misconfigurations that give accounts elevated rights without proper group membership
Domain Controllers
- — Gain visibility and awareness of attacker activity targeting critical domain servers
Critical Users and Computers
- — Protect high value user and system accounts from attacker comprise.

ThreatDefend Platform

Distributed Deception Platform for Post-Compromise Detection and Response

Network Detection Portfolio

BOTsink

ThreatDirect

Endpoint Detection Net Suite

Overview

ADSecure

ThreatPath

ThreatStrike

Automation

ThreatOps

Attivo Networks Survey Report

Top Threat Detection Concerns and Trends

eBook: Deception-Based Threat Detection

Shifting Power to the Defenders

Already a Channel Partner?

Partner Integration Overview

Best Workplace

Best Technology

ADSecure ™

Why Customers Choose ADSecure for Active Directory Protection

Innovative Active Directory security against attacks targeting critical production objects

ADSecure Module Capabilities

Protect

Comprehensive

Visibility

Discreet

ADSecure ™ Active Directory Security Solution

Active Directory Protection without affecting production.

Sequence

01 The attacker compromises a production PC

02 The attacker uses an application to query AD for Domain admin accounts

03 The AD server responds with production results

04 ADSecure hides the production results to reduce the attack surface

05 ADSecure presents deceptive data to misdirect the attacker

06 Attacker follows decoy credentials to deception environment

USE CASES

Privileged Credentials

Service Accounts

Shadow Admin Accounts

Domain Controllers

Critical Users and Computers

Perspectives

RESOURCES

SPOTLIGHT

Ready to find out what’s lurking in your network?