Why use Deflect for lateral movement mitigation?
Detect discovery attempts and derail lateral movement
Discovering attackers early in the attack cycle is a critical capability for organizations of all sizes. The Attivo Networks Endpoint Detection Net (EDN) Deflect function alerts on attacker reconnaissance as they scan for ports and services on systems to exploit and redirects both inbound and outbound connection attempts to decoys for engagement. The EDN Deflect function makes every endpoint a part of the deception fabric, obfuscating what they look like from the network to disrupt attackers attempting to move laterally. The EDN Deflect function enables native isolation of infected systems to limit their communications to the decoy environment, thus limiting the damage they can do by quarantining them away from production systems.