Welcome to the Attivo Resource Center. Here you will find resources to learn more about Attivo and Attivo threat detection solutions.
Welcome to the Attivo Resource Center. Here you will find resources to learn more about Attivo and Attivo threat detection solutions.
With the ADSecure solution organizations improve Active Directory security without touching the production AD environment.
During this webinar, Geoff Hancock, CEO at the Advanced Cybersecurity Group, and Tony Cole, CTO at Attivo Networks, will discuss how using deception can get you inside the attacker’s OODA loop, lead the adversary to make mistakes, and fortify your cybersecurity defenses.
Join host Carolyn Crandall, Chief Deception Officer at Attivo Networks, and special guest Edward Amoroso, CEO of TAG Cyber, to hear exclusive insights on how modern deception technology is being used for early and accurate threat detection, network visibility, and cyber risk reduction.
Industry veteran Jim Hurley, the CEO of Wellington Research and Cyber Source Data, will cover primary research results on cyber effectiveness and how it is influenced by detection and incident response. Additionally, attendees will gain insights into the latest Wellington Research Market Spotlight covering the vendors and market for deception.
During this webinar, Geoff Hancock, CEO at the Advanced Cybersecurity Group, and Tony Cole, CTO at Attivo Networks, will discuss how using deception can get you inside the attacker’s OODA loop, lead the adversary to make mistakes, and fortify your cybersecurity defenses.
This ebook provides a general introduction to deception technology and an overview of use cases from general detection to creating an active defense. You will gain a better understanding of how deception fits within your overall security architecture and the role it plays in detecting, identifying, and responding to threats.
This research from EMA highlights how enterprises are using deception technology, the value they see in it, the challenges they have with it, and how they intend to use it in the future.
This document explains the role deception has historically played in attack and defense as well as highlights why it has become a necessary part of a modern cybersecurity stack. Deception technology is becoming a core necessity in any security architecture.
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27000 family of standards helps organizations keep information assets secure.
Accomplished cyber security technology leader, Alan Commike, and Chief Deception Officer, Carolyn Crandall, sit down to discuss the benefits of Deception Technology at RSA 2019
Carolyn Crandall, Attivo Networks Chief Deception Officer, and Lance Spitzner, founder of the honeynet project, discuss the evolution of deception technology at RSAC 2019 in Broadcast Alley.
The Attivo Networks® ThreatDefend® platform includes the ThreatDirect® feature that provides organization with the ability to easily and efficiently project deception into remote locations and microsegmented networks, extending their coverage without needing to deploy additional BOTsink® deception servers.
Deception arms the defender with early detection, automated attack analysis, endpoint forensics, and substantiated alerts for accelerated incident response.
Organizations can configure the Attivo Networks® BOTsink® appliance to simulate known vulnerabilities, giving highly accurate alerts if an attacker attempts to leverage one against the organization. This form of simulation responds to an attacker’s effort as if it was vulnerable without actually compromising the target host or allowing the attacker to expand their footprint.
Attivo’s Decoy Documents capability is available across the entire BOTsink range, including physical, virtual, and Cloud instances.
Geoff Hancock, has been in cybersecurtity for 27 years. He has worked in military, intelligence community, civilian agencies and corporations, conducing cyber operations, Active Cyber Defense, Deception and Intelligence. He has been a CISO, CTO and VP and currently is the CEO of Advanced Cybersecurity Group, were he heads up a team of cyber deception and intelligence analysts providing instruction and program operations.Understand the value of having a cyber deception plan in place and learn the information you need to know to get one started in this white paper.
The Attivo BOTsink 3550 appliance is scaled to support medium-sized deployments offering a full range of deception functionality and additional features. This appliance is only available in India.
The earliest deception systems were used primarily for research and they were difficult to set up and maintain. Those preliminary experiences have led to some myths and misconceptions about deception. This paper will address and debunk those myths, while detailing how deception has evolved into an invaluable asset for organization’s Defense in Depth postures.
Attivo Networks® deception-based threat detection shifts the power to the defender with a unique approach that reduces risk, accelerates incident response, and improves the overall effectiveness and efficiency of existing security controls. To learn more about deception-based threat detection, view this document.
At its core, deception technology relies on presenting an attacker with decoys and lures that are indistinguishable from real assets. Highly authentic decoys are vital for any organization looking to add deception technology for in-network threat detection. This feature highlight addresses the importance of authenticity in deception and the ways in which Attivo Networks has made authenticity a core feature of the ThreatDefend platform.
This paper takes a detailed look at what an ideal deception system should encompass, with an emphasis on how deception technologies can protect a production environment, including a checklist to help assess the options.
The Attivo Networks BOTsink family offers a range of systems to meet the diverse needs of organizations, and are available as physical appliances, virtual appliances, or as a Cloud instance.
Deception technology adoption soared in 2017 and 2018. Was this simply a fad or is deception coming into fashion as the de facto in-network detection security control?
The Attivo Networks ThreatDefend Deception and Response Platform provides extensive capabilities to detect many of the techniques outlined in the ATT&CK Matrix.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations in the US can assess and improve their ability to prevent, detect, and respond to cyberattacks. This white paper explores the ways in which the Attivo Networks ThreatDefend Deception and Response Platform provides extensive support to meet the guidance set forth by the NIST Cybersecurity Framework.
The Director of Cybersecurity for a large public energy utility organization had confidence in their perimeter security, but realized they needed better visibility into their internal network in the event of a compromise or when facing an insider threat. Read the full case study to learn more.
This whitepaper explains how the Attivo Networks® ThreatDefendTM platform enables organizations to meet specific compliance issues specified in the RBI CS Framework, along with numerous other requirements. This paper further explains how the Attivo Networks solution provides comprehensive detection and response to organizations under threat.
Written by: Carolyn Crandall, CMO and Chief Deception Officer
Discussion about real-world threat detection deployment experiences and the reasons why organizations are choosing deception technology.
Legal organizations are actively turning to deception technology as the preferred method for early and accurate detection of threats that have bypassed other security controls. Deception technology gives legal organizations the internal visibility often lacking in traditional security infrastructures. To learn more about what benefits the Attivo solution can offer to the legal sector, see our white paper.
Written by: Carolyn Crandall, CMO & Chief Deception Officer
At last week’s Gartner Security Summit in National Harbor, Maryland, Gartner analyst Neil MacDonald outlined 10 cybersecurity projects that could go a long way toward reducing enterprise security risk.
The SWIFT network links more than 11,000 financial institutions in more than 200 countries and territories worldwide, and as such, requires a level of trust between member institutions to ensure the integrity of the network. Unfortunately, the SWIFT network has increasingly become a target of attackers over the past few years and traditional security measures are no longer sufficient to deter and stop attackers. This white paper delves into the ways deception technology addresses these challenges.
The ThreatDefend Deception and Response Platform provides an inherently offensive counterintelligence function. The solution seeks to disrupt and degrade the information-gathering and attack operations an adversary conducts inside the network, while at the same time providing collective counterintelligence functions by helping develop threat and adversary intelligence.
Carolyn Crandall, Chief Deception Officer of Attivo Networks interviews Joseph Salazar, Technical Marketing Engineer in a Showcase Series on the topic of deception technology.
The Attivo ThreatStrike End-Point Deception Solution is a customizable and non-intrusive technology that is used to identify targeted attacks of infected end-points, infected servers/VMs, the use of deception stolen credentials, and ransomware attacks on networked drives. The solution also provides for suspicious email submission for threat detection.
Carolyn Crandall, Chief Deception Officer of Attivo Networks Interviews Tony Cole, Chief Technology Officer of Attivo Networks at RSAC 2018. Tony explains why organizations need to shift their focus towards detection to quickly mitigate the risk of breaches and shrink dwell time. Insight is provided on how deception technology empowers cyber defenders with an active defense.
The Attivo ThreatPath™ solution provides an attack path vulnerability assessment based on likely attack paths that an attacker would traverse through misconfigured systems or credential misuse.
The ThreatOps™ Platform works hand-in-hand with the BOTsink engagement server for in-network threat detection, attack analysis, and acceleration of incident response.
GDPR is The General Data Protection Regulation which will radically change the data usage and protection landscape when the document comes into force on May 25th, 2018.
This solution brief will detail the origins of honeypots, the logic behind them, and what features ultimately inhibited their universal adoption – followed by a look into what comprises present-day deception technology, how it has evolved, and the functionalities that are catalyzing worldwide deployment and adoption.
A brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform.
The ThreatOps™ solution accelerates incident response by adding repeatable playbook functionality to the ThreatDefendTM platform.
To help security analysts investigate incidents, gather forensic evidence, and analyze malware, the BOTsink provides the Attack Threat Analysis (ATA) engine and the Malware Analysis Sandbox (MAS).
The BOTsink™ solution provides the foundation for the ThreatDefend™ platform, turning the entire network into a trap with a matrix of distributed decoy systems.
A virtual deception-based detection system that provides deception in remote and branch offices (ROBO).
The Attivo ThreatStrike Endpoint solution provides early and accurate detection of targeted attacks on endpoints and servers.
Learn why deception is recognized as a top 2017 security technology to consider for detecting in-network threats.
The ThreatPath solution provides continuous attack path vulnerability assessment.
Security budgets have shifted and are now split evenly between detection and prevention solutions.
Insight into how deception technology works, Attivo Networks ThreatDefend Deception and Response Platform, and how to detect in-network threats and accelerate incident response.
Introduction to Attivo Networks and deception technology at AFCEA West 2017.
A brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform.
The company’s deception technology and platform are seeing a significant rise in market profile in 2016. Attivo offers a high signal-to-noise approach to detection, verification, and attacker intelligence.
Researches the environment of POS device vulnerabilities, how POS attacks happen, the anatomy of a POS attack, and how deception plays a powerful role in protecting against cyber-attacks.
Attivo Networks CMO Carolyn Crandall speaks to the power of the integration between Attivo Networks and Carbon Black.
Will the addition of deception deliver a bona fide return? We believe that deception delivers an effective and efficient defense and will share our rationale in this webinar.
Deception technology: catching the uncatchable
An in-depth answer to the questions surrounding deception technology
Are current prevention techniques enough to stop modern cyber threats?
Going beyond the CISO
As more cyber criminals flock to “where the money is”, how will you protect yourself?
The security challenges within AWS environments and creating a defense in depth using deception technology.
Advanced techniques for finding malware lurking in corporate domains, remote offices, data centers, and in the cloud.
What deception technology is and how it provides an effective solution for detecting in-network threats in real-time.
Find out how deception technology allows for in-network detection of advanced threats.
Learn about the challenges of today’s threat landscape and the opportunities to address holes in the cyber attack lifecycle.
Brief look into how the Attivo Deception and Response Platform detects in-network threats and accelerates incident response.
Attivo is also honored to be recognized within the report as a Distinguished Vendor for Intrusion Detection Systems.
Attivo is also honored to be recognized within the report as a Distinguished Vendor for Intrusion Detection Systems.
Attivo is also honored to be recognized within the report as a Distinguished Vendor for Intrusion Detection Systems.
With the ADSecure solution organizations improve Active Directory security without touching the production AD environment.
During this webinar, Geoff Hancock, CEO at the Advanced Cybersecurity Group, and Tony Cole, CTO at Attivo Networks, will discuss how using deception can get you inside the attacker’s OODA loop, lead the adversary to make mistakes, and fortify your cybersecurity defenses.
Join host Carolyn Crandall, Chief Deception Officer at Attivo Networks, and special guest Edward Amoroso, CEO of TAG Cyber, to hear exclusive insights on how modern deception technology is being used for early and accurate threat detection, network visibility, and cyber risk reduction.
Industry veteran Jim Hurley, the CEO of Wellington Research and Cyber Source Data, will cover primary research results on cyber effectiveness and how it is influenced by detection and incident response. Additionally, attendees will gain insights into the latest Wellington Research Market Spotlight covering the vendors and market for deception.
During this webinar, Geoff Hancock, CEO at the Advanced Cybersecurity Group, and Tony Cole, CTO at Attivo Networks, will discuss how using deception can get you inside the attacker’s OODA loop, lead the adversary to make mistakes, and fortify your cybersecurity defenses.
This ebook provides a general introduction to deception technology and an overview of use cases from general detection to creating an active defense. You will gain a better understanding of how deception fits within your overall security architecture and the role it plays in detecting, identifying, and responding to threats.
This research from EMA highlights how enterprises are using deception technology, the value they see in it, the challenges they have with it, and how they intend to use it in the future.
This document explains the role deception has historically played in attack and defense as well as highlights why it has become a necessary part of a modern cybersecurity stack. Deception technology is becoming a core necessity in any security architecture.
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27000 family of standards helps organizations keep information assets secure.
Accomplished cyber security technology leader, Alan Commike, and Chief Deception Officer, Carolyn Crandall, sit down to discuss the benefits of Deception Technology at RSA 2019
Carolyn Crandall, Attivo Networks Chief Deception Officer, and Lance Spitzner, founder of the honeynet project, discuss the evolution of deception technology at RSAC 2019 in Broadcast Alley.
The Attivo Networks® ThreatDefend® platform includes the ThreatDirect® feature that provides organization with the ability to easily and efficiently project deception into remote locations and microsegmented networks, extending their coverage without needing to deploy additional BOTsink® deception servers.
Deception arms the defender with early detection, automated attack analysis, endpoint forensics, and substantiated alerts for accelerated incident response.
Organizations can configure the Attivo Networks® BOTsink® appliance to simulate known vulnerabilities, giving highly accurate alerts if an attacker attempts to leverage one against the organization. This form of simulation responds to an attacker’s effort as if it was vulnerable without actually compromising the target host or allowing the attacker to expand their footprint.
Attivo’s Decoy Documents capability is available across the entire BOTsink range, including physical, virtual, and Cloud instances.
Geoff Hancock, has been in cybersecurtity for 27 years. He has worked in military, intelligence community, civilian agencies and corporations, conducing cyber operations, Active Cyber Defense, Deception and Intelligence. He has been a CISO, CTO and VP and currently is the CEO of Advanced Cybersecurity Group, were he heads up a team of cyber deception and intelligence analysts providing instruction and program operations.Understand the value of having a cyber deception plan in place and learn the information you need to know to get one started in this white paper.
The Attivo BOTsink 3550 appliance is scaled to support medium-sized deployments offering a full range of deception functionality and additional features. This appliance is only available in India.
The earliest deception systems were used primarily for research and they were difficult to set up and maintain. Those preliminary experiences have led to some myths and misconceptions about deception. This paper will address and debunk those myths, while detailing how deception has evolved into an invaluable asset for organization’s Defense in Depth postures.
Attivo Networks® deception-based threat detection shifts the power to the defender with a unique approach that reduces risk, accelerates incident response, and improves the overall effectiveness and efficiency of existing security controls. To learn more about deception-based threat detection, view this document.
At its core, deception technology relies on presenting an attacker with decoys and lures that are indistinguishable from real assets. Highly authentic decoys are vital for any organization looking to add deception technology for in-network threat detection. This feature highlight addresses the importance of authenticity in deception and the ways in which Attivo Networks has made authenticity a core feature of the ThreatDefend platform.
This paper takes a detailed look at what an ideal deception system should encompass, with an emphasis on how deception technologies can protect a production environment, including a checklist to help assess the options.
The Attivo Networks BOTsink family offers a range of systems to meet the diverse needs of organizations, and are available as physical appliances, virtual appliances, or as a Cloud instance.
Deception technology adoption soared in 2017 and 2018. Was this simply a fad or is deception coming into fashion as the de facto in-network detection security control?
The Attivo Networks ThreatDefend Deception and Response Platform provides extensive capabilities to detect many of the techniques outlined in the ATT&CK Matrix.
The National Institute of Standards and Technology (NIST) Cybersecurity Framework provides a policy framework of computer security guidance for how private sector organizations in the US can assess and improve their ability to prevent, detect, and respond to cyberattacks. This white paper explores the ways in which the Attivo Networks ThreatDefend Deception and Response Platform provides extensive support to meet the guidance set forth by the NIST Cybersecurity Framework.
The Director of Cybersecurity for a large public energy utility organization had confidence in their perimeter security, but realized they needed better visibility into their internal network in the event of a compromise or when facing an insider threat. Read the full case study to learn more.
This whitepaper explains how the Attivo Networks® ThreatDefendTM platform enables organizations to meet specific compliance issues specified in the RBI CS Framework, along with numerous other requirements. This paper further explains how the Attivo Networks solution provides comprehensive detection and response to organizations under threat.
Written by: Carolyn Crandall, CMO and Chief Deception Officer
Discussion about real-world threat detection deployment experiences and the reasons why organizations are choosing deception technology.
Legal organizations are actively turning to deception technology as the preferred method for early and accurate detection of threats that have bypassed other security controls. Deception technology gives legal organizations the internal visibility often lacking in traditional security infrastructures. To learn more about what benefits the Attivo solution can offer to the legal sector, see our white paper.
Written by: Carolyn Crandall, CMO & Chief Deception Officer
At last week’s Gartner Security Summit in National Harbor, Maryland, Gartner analyst Neil MacDonald outlined 10 cybersecurity projects that could go a long way toward reducing enterprise security risk.
The SWIFT network links more than 11,000 financial institutions in more than 200 countries and territories worldwide, and as such, requires a level of trust between member institutions to ensure the integrity of the network. Unfortunately, the SWIFT network has increasingly become a target of attackers over the past few years and traditional security measures are no longer sufficient to deter and stop attackers. This white paper delves into the ways deception technology addresses these challenges.
The ThreatDefend Deception and Response Platform provides an inherently offensive counterintelligence function. The solution seeks to disrupt and degrade the information-gathering and attack operations an adversary conducts inside the network, while at the same time providing collective counterintelligence functions by helping develop threat and adversary intelligence.
Carolyn Crandall, Chief Deception Officer of Attivo Networks interviews Joseph Salazar, Technical Marketing Engineer in a Showcase Series on the topic of deception technology.
The Attivo ThreatStrike End-Point Deception Solution is a customizable and non-intrusive technology that is used to identify targeted attacks of infected end-points, infected servers/VMs, the use of deception stolen credentials, and ransomware attacks on networked drives. The solution also provides for suspicious email submission for threat detection.
Carolyn Crandall, Chief Deception Officer of Attivo Networks Interviews Tony Cole, Chief Technology Officer of Attivo Networks at RSAC 2018. Tony explains why organizations need to shift their focus towards detection to quickly mitigate the risk of breaches and shrink dwell time. Insight is provided on how deception technology empowers cyber defenders with an active defense.
The Attivo ThreatPath™ solution provides an attack path vulnerability assessment based on likely attack paths that an attacker would traverse through misconfigured systems or credential misuse.
The ThreatOps™ Platform works hand-in-hand with the BOTsink engagement server for in-network threat detection, attack analysis, and acceleration of incident response.
GDPR is The General Data Protection Regulation which will radically change the data usage and protection landscape when the document comes into force on May 25th, 2018.
This solution brief will detail the origins of honeypots, the logic behind them, and what features ultimately inhibited their universal adoption – followed by a look into what comprises present-day deception technology, how it has evolved, and the functionalities that are catalyzing worldwide deployment and adoption.
A brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform.
The ThreatOps™ solution accelerates incident response by adding repeatable playbook functionality to the ThreatDefendTM platform.
To help security analysts investigate incidents, gather forensic evidence, and analyze malware, the BOTsink provides the Attack Threat Analysis (ATA) engine and the Malware Analysis Sandbox (MAS).
The BOTsink™ solution provides the foundation for the ThreatDefend™ platform, turning the entire network into a trap with a matrix of distributed decoy systems.
A virtual deception-based detection system that provides deception in remote and branch offices (ROBO).
The Attivo ThreatStrike Endpoint solution provides early and accurate detection of targeted attacks on endpoints and servers.
Learn why deception is recognized as a top 2017 security technology to consider for detecting in-network threats.
The ThreatPath solution provides continuous attack path vulnerability assessment.
Security budgets have shifted and are now split evenly between detection and prevention solutions.
Insight into how deception technology works, Attivo Networks ThreatDefend Deception and Response Platform, and how to detect in-network threats and accelerate incident response.
Introduction to Attivo Networks and deception technology at AFCEA West 2017.
A brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform.
The company’s deception technology and platform are seeing a significant rise in market profile in 2016. Attivo offers a high signal-to-noise approach to detection, verification, and attacker intelligence.
Researches the environment of POS device vulnerabilities, how POS attacks happen, the anatomy of a POS attack, and how deception plays a powerful role in protecting against cyber-attacks.
Attivo Networks CMO Carolyn Crandall speaks to the power of the integration between Attivo Networks and Carbon Black.
Will the addition of deception deliver a bona fide return? We believe that deception delivers an effective and efficient defense and will share our rationale in this webinar.
Deception technology: catching the uncatchable
An in-depth answer to the questions surrounding deception technology
Are current prevention techniques enough to stop modern cyber threats?
Going beyond the CISO
As more cyber criminals flock to “where the money is”, how will you protect yourself?
The security challenges within AWS environments and creating a defense in depth using deception technology.
Advanced techniques for finding malware lurking in corporate domains, remote offices, data centers, and in the cloud.
What deception technology is and how it provides an effective solution for detecting in-network threats in real-time.
Find out how deception technology allows for in-network detection of advanced threats.
Learn about the challenges of today’s threat landscape and the opportunities to address holes in the cyber attack lifecycle.
Brief look into how the Attivo Deception and Response Platform detects in-network threats and accelerates incident response.
Attivo is also honored to be recognized within the report as a Distinguished Vendor for Intrusion Detection Systems.
Attivo is also honored to be recognized within the report as a Distinguished Vendor for Intrusion Detection Systems.
Attivo is also honored to be recognized within the report as a Distinguished Vendor for Intrusion Detection Systems.