• Categories

  • Format

BOTsink® Deception and Decoy Technology for Threat Detection

The Attivo Networks BOTsink® solution stands guard inside your network, using high-interaction deception and decoy technology to lure attackers into engaging and revealing themselves. Through misdirection of the attack, organizations gain the advantage of time to detect, analyze, and stop an attacker.

SC Media ThreatDefend Platform v5.0 Review

Security pros will find the Attivo ThreatDefend Platform a comprehensive detection product that uses machine learning to customize decoys based on the systems, applications, and environments into which it has been deployed and adds endpoint components to hide data and deflect port and service scans to decoys…

Attivo Networks ThreatPath Cyber Hygiene & Attack Surface Reduction

The Attivo ThreatPath® solution, part of the modular ThreatDefend Endpoint Detection Net family of products, provides continuous attack surface monitoring, reduces attack paths, and improves organizations’ cyber hygiene.

Deflect Attacks with the Endpoint Detection Net Suite

The EDN Deflect function brings a needed capability to make every endpoint a part of the deception fabric. By denying attackers the ability to collect accurate information on their targets and disrupt their ability to move laterally undetected, the Deflect function gives organizations an early warning and an active defense against malicious East/ West traffic to increase their security posture and catch attackers early in the attack cycle.

Scaling Detection with the ThreatDirect Solution

It is critical to have visibility across the entire network with no gaps based on location or resource limitations. With the ThreatDirect solution, organizations can now scale their adaptive defense across remote areas of their network with full-featured deception-based detection, automated attack analysis, and accelerated incident response capabilities.

Behind the Scenes with Attivo Networks

Go behind the scenes with CEO, Tushar Kothari, CTO, Tony Cole, and CMO & Chief Deception Officer, Carolyn Crandall as they discuss the state of cybersecurity, the value of deception-based threat detection, and more.

Deception Technology in 2020 – ISMG Interview

Deception technology has moved from being an emerging technology to a more mainstream security control, say Tony Cole, CTO, and Carolyn Crandall, chief deception officer and chief marketing officer, at Attivo Networks.

RSA 2020 – Endpoint Detection Net

Recording from Broadcast Ally at RSA 2020, Carolyn Crandall and Tony Cole sit down to discuss Attivo Networks’ newest product announcement: Endpoint Detection Net, which tackles endpoint security challenges head-on by making every endpoint a decoy designed to disrupt an attacker’s ability to break out and further infiltrate the network.

RSA 2020 – Attivo Networks Deception-Based Threat Detection

Recording from Broadcast Ally at RSA 2020, Carolyn Crandall and Tony Cole sit down to discuss Attivo Networks deception technology and all that it offers.

Active Directory Solution – ADSecure Infographic

With the ADSecure solution organizations improve Active Directory security without touching the production AD environment.

Webinar: Deception Imperatives and Vendor Comparison Spotlight

Industry veteran Jim Hurley, the CEO of Wellington Research and Cyber Source Data, will cover primary research results on cyber effectiveness and how it is influenced by detection and incident response. Additionally, attendees will gain insights into the latest Wellington Research Market Spotlight covering the vendors and market for deception.

Attivo Networks® ThreatDefend™ Platform and the ISO/IEC 27000 Family of Standards

The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27000 family of standards helps organizations keep information assets secure. 

ThreatDefend® Platform Feature Highlight: ThreatDirect®

The Attivo Networks® ThreatDefend® platform includes the ThreatDirect® feature that provides organization with the ability to easily and efficiently project deception into remote locations and microsegmented networks, extending their coverage without needing to deploy additional BOTsink® deception servers. 

Deception Through the Eyes of a Forensic Researcher

Deception arms the defender with early detection, automated attack analysis, endpoint forensics, and substantiated alerts for accelerated incident response.

ThreatDefend® Feature Highlight: Vulnerability Simulation

Organizations can configure the Attivo Networks® BOTsink® appliance to simulate known vulnerabilities, giving highly accurate alerts if an attacker attempts to leverage one against the organization. This form of simulation responds to an attacker’s effort as if it was vulnerable without actually compromising the target host or allowing the attacker to expand their footprint.

ThreatDefend® Feature Highlight: Decoy Documents

Attivo’s Decoy Documents capability is available across the entire BOTsink range, including physical, virtual, and Cloud instances.

Attivo BOTsink® 3550 Data Sheet (Only Available in India)

The Attivo BOTsink 3550 appliance is scaled to support medium-sized deployments offering a full range of deception functionality and additional features. This appliance is only available in India.

Threat Deception for an Active Defense

Attivo Networks® deception-based threat detection shifts the power to the defender with a unique approach that reduces risk, accelerates incident response, and improves the overall effectiveness and efficiency of existing security controls. To learn more about deception-based threat detection, view this document.

ThreatDefend Platform Feature Highlight : Authentic Deception

At its core, deception technology relies on presenting an attacker with decoys and lures that are indistinguishable from real assets. Highly authentic decoys are vital for any organization looking to add deception technology for in-network threat detection. This feature highlight addresses the importance of authenticity in deception and the ways in which Attivo Networks has made authenticity a core feature of the ThreatDefend platform.

Assessing Deception Technology for a Proactive Defense

This paper takes a detailed look at what an ideal deception system should encompass, with an emphasis on how deception technologies can protect a production environment, including a checklist to help assess the options.

Attivo Networks® BOTsink® Family Data Sheet

The Attivo Networks BOTsink family offers a range of systems to meet the diverse needs of organizations, and are available as physical appliances, virtual appliances, or as a Cloud instance.

Deception Technology: Fad or Fashion for 2019

Deception technology adoption soared in 2017 and 2018. Was this simply a fad or is deception coming into fashion as the de facto in-network detection security control?

How Threat Deception Fits Within Your Security Stack

Discussion about real-world threat detection deployment experiences and the reasons why organizations are choosing deception technology.

Attivo Networks® DecoyDocs Datasheet

The ThreatDefend Deception and Response Platform provides an inherently offensive counterintelligence function. The solution seeks to disrupt and degrade the information-gathering and attack operations an adversary conducts inside the network, while at the same time providing collective counterintelligence functions by helping develop threat and adversary intelligence.

Attivo Networks® ThreatStrike™ Solution: Endpoint Deception-based Detection

The Attivo ThreatStrike End-Point Deception Solution is a customizable and non-intrusive technology that is used to identify targeted attacks of infected end-points, infected servers/VMs, the use of deception stolen credentials, and ransomware attacks on networked drives. The solution also provides for suspicious email submission for threat detection.

Attivo Networks® ThreatPath™ Platform Overview

The Attivo ThreatPath™ solution provides an attack path vulnerability assessment based on likely attack paths that an attacker would traverse through misconfigured systems or credential misuse.

Attivo Networks® ThreatOps™ Platform

The ThreatOps™ Platform works hand-in-hand with the BOTsink engagement server for in-network threat detection, attack analysis, and acceleration of incident response.

ThreatOps™ Incident Handling and Response

There are many challenges faced by IR and SecOps that technology innovations can now address. The Attivo Networks ThreatDefend Platform accurately and efficiently addresses these challenges while extending the value of existing security infrastructure 

BOTsink® Analysis Functions

To help security analysts investigate incidents, gather forensic evidence, and analyze malware, the BOTsink provides the Attack Threat Analysis (ATA) engine and the Malware Analysis Sandbox (MAS).

BOTsink™ Decoys and Engagement Servers

The BOTsink™ solution provides the foundation for the ThreatDefend™ platform, turning the entire network into a trap with a matrix of distributed decoy systems.

ThreatStrike™ EndPoint Deception Suite

The Attivo ThreatStrike Endpoint solution provides early and accurate detection of targeted attacks on endpoints and servers.

ThreatPath™ Attack Path Vulnerability Assessment

The ThreatPath solution provides continuous attack path vulnerability assessment.


BOTsink® Deception and Decoy Technology for Threat Detection

The Attivo Networks BOTsink® solution stands guard inside your network, using high-interaction deception and decoy technology to lure attackers into engaging and revealing themselves. Through misdirection of the attack, organizations gain the advantage of time to detect, analyze, and stop an attacker.

SC Media ThreatDefend Platform v5.0 Review

Security pros will find the Attivo ThreatDefend Platform a comprehensive detection product that uses machine learning to customize decoys based on the systems, applications, and environments into which it has been deployed and adds endpoint components to hide data and deflect port and service scans to decoys…

Attivo Networks ThreatPath Cyber Hygiene & Attack Surface Reduction

The Attivo ThreatPath® solution, part of the modular ThreatDefend Endpoint Detection Net family of products, provides continuous attack surface monitoring, reduces attack paths, and improves organizations’ cyber hygiene.

Deflect Attacks with the Endpoint Detection Net Suite

The EDN Deflect function brings a needed capability to make every endpoint a part of the deception fabric. By denying attackers the ability to collect accurate information on their targets and disrupt their ability to move laterally undetected, the Deflect function gives organizations an early warning and an active defense against malicious East/ West traffic to increase their security posture and catch attackers early in the attack cycle.

Scaling Detection with the ThreatDirect Solution

It is critical to have visibility across the entire network with no gaps based on location or resource limitations. With the ThreatDirect solution, organizations can now scale their adaptive defense across remote areas of their network with full-featured deception-based detection, automated attack analysis, and accelerated incident response capabilities.

Behind the Scenes with Attivo Networks

Go behind the scenes with CEO, Tushar Kothari, CTO, Tony Cole, and CMO & Chief Deception Officer, Carolyn Crandall as they discuss the state of cybersecurity, the value of deception-based threat detection, and more.

Deception Technology in 2020 – ISMG Interview

Deception technology has moved from being an emerging technology to a more mainstream security control, say Tony Cole, CTO, and Carolyn Crandall, chief deception officer and chief marketing officer, at Attivo Networks.

RSA 2020 – Endpoint Detection Net

Recording from Broadcast Ally at RSA 2020, Carolyn Crandall and Tony Cole sit down to discuss Attivo Networks’ newest product announcement: Endpoint Detection Net, which tackles endpoint security challenges head-on by making every endpoint a decoy designed to disrupt an attacker’s ability to break out and further infiltrate the network.

RSA 2020 – Attivo Networks Deception-Based Threat Detection

Recording from Broadcast Ally at RSA 2020, Carolyn Crandall and Tony Cole sit down to discuss Attivo Networks deception technology and all that it offers.

Active Directory Solution – ADSecure Infographic

With the ADSecure solution organizations improve Active Directory security without touching the production AD environment.

Webinar: Deception Imperatives and Vendor Comparison Spotlight

Industry veteran Jim Hurley, the CEO of Wellington Research and Cyber Source Data, will cover primary research results on cyber effectiveness and how it is influenced by detection and incident response. Additionally, attendees will gain insights into the latest Wellington Research Market Spotlight covering the vendors and market for deception.

Attivo Networks® ThreatDefend™ Platform and the ISO/IEC 27000 Family of Standards

The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) 27000 family of standards helps organizations keep information assets secure. 

ThreatDefend® Platform Feature Highlight: ThreatDirect®

The Attivo Networks® ThreatDefend® platform includes the ThreatDirect® feature that provides organization with the ability to easily and efficiently project deception into remote locations and microsegmented networks, extending their coverage without needing to deploy additional BOTsink® deception servers. 

Deception Through the Eyes of a Forensic Researcher

Deception arms the defender with early detection, automated attack analysis, endpoint forensics, and substantiated alerts for accelerated incident response.

ThreatDefend® Feature Highlight: Vulnerability Simulation

Organizations can configure the Attivo Networks® BOTsink® appliance to simulate known vulnerabilities, giving highly accurate alerts if an attacker attempts to leverage one against the organization. This form of simulation responds to an attacker’s effort as if it was vulnerable without actually compromising the target host or allowing the attacker to expand their footprint.

ThreatDefend® Feature Highlight: Decoy Documents

Attivo’s Decoy Documents capability is available across the entire BOTsink range, including physical, virtual, and Cloud instances.

Attivo BOTsink® 3550 Data Sheet (Only Available in India)

The Attivo BOTsink 3550 appliance is scaled to support medium-sized deployments offering a full range of deception functionality and additional features. This appliance is only available in India.

Threat Deception for an Active Defense

Attivo Networks® deception-based threat detection shifts the power to the defender with a unique approach that reduces risk, accelerates incident response, and improves the overall effectiveness and efficiency of existing security controls. To learn more about deception-based threat detection, view this document.

ThreatDefend Platform Feature Highlight : Authentic Deception

At its core, deception technology relies on presenting an attacker with decoys and lures that are indistinguishable from real assets. Highly authentic decoys are vital for any organization looking to add deception technology for in-network threat detection. This feature highlight addresses the importance of authenticity in deception and the ways in which Attivo Networks has made authenticity a core feature of the ThreatDefend platform.

Assessing Deception Technology for a Proactive Defense

This paper takes a detailed look at what an ideal deception system should encompass, with an emphasis on how deception technologies can protect a production environment, including a checklist to help assess the options.

Attivo Networks® BOTsink® Family Data Sheet

The Attivo Networks BOTsink family offers a range of systems to meet the diverse needs of organizations, and are available as physical appliances, virtual appliances, or as a Cloud instance.

Deception Technology: Fad or Fashion for 2019

Deception technology adoption soared in 2017 and 2018. Was this simply a fad or is deception coming into fashion as the de facto in-network detection security control?

How Threat Deception Fits Within Your Security Stack

Discussion about real-world threat detection deployment experiences and the reasons why organizations are choosing deception technology.

Attivo Networks® DecoyDocs Datasheet

The ThreatDefend Deception and Response Platform provides an inherently offensive counterintelligence function. The solution seeks to disrupt and degrade the information-gathering and attack operations an adversary conducts inside the network, while at the same time providing collective counterintelligence functions by helping develop threat and adversary intelligence.

Attivo Networks® ThreatStrike™ Solution: Endpoint Deception-based Detection

The Attivo ThreatStrike End-Point Deception Solution is a customizable and non-intrusive technology that is used to identify targeted attacks of infected end-points, infected servers/VMs, the use of deception stolen credentials, and ransomware attacks on networked drives. The solution also provides for suspicious email submission for threat detection.

Attivo Networks® ThreatPath™ Platform Overview

The Attivo ThreatPath™ solution provides an attack path vulnerability assessment based on likely attack paths that an attacker would traverse through misconfigured systems or credential misuse.

Attivo Networks® ThreatOps™ Platform

The ThreatOps™ Platform works hand-in-hand with the BOTsink engagement server for in-network threat detection, attack analysis, and acceleration of incident response.

ThreatOps™ Incident Handling and Response

There are many challenges faced by IR and SecOps that technology innovations can now address. The Attivo Networks ThreatDefend Platform accurately and efficiently addresses these challenges while extending the value of existing security infrastructure 

BOTsink® Analysis Functions

To help security analysts investigate incidents, gather forensic evidence, and analyze malware, the BOTsink provides the Attack Threat Analysis (ATA) engine and the Malware Analysis Sandbox (MAS).

BOTsink™ Decoys and Engagement Servers

The BOTsink™ solution provides the foundation for the ThreatDefend™ platform, turning the entire network into a trap with a matrix of distributed decoy systems.

ThreatStrike™ EndPoint Deception Suite

The Attivo ThreatStrike Endpoint solution provides early and accurate detection of targeted attacks on endpoints and servers.

ThreatPath™ Attack Path Vulnerability Assessment

The ThreatPath solution provides continuous attack path vulnerability assessment.