Deception Technology for Remote Worker Risk Mitigation

OVERVIEW

Protecting SaaS applications and VPN

As remote workers become more commonplace, traditional on-premises security controls aren’t reliably protecting network infrastructures. More organizations are implementing the Attivo Networks ThreatDefend® platform products to detect threats early and defend their remote workforce.

A compromised employee system is a direct line for the attacker into the enterprise network. Attackers can also compromise credentials to affect employees using SaaS-based business applications. The ThreatDefend platform can detect and prevent lateral movement within the VPN environment and reduces the impact on the organization resulting from a compromised remote system.

PROTECTION FUNCTIONS

SaaS Credential Monitoring

Network Recon Detection

MitM Visibility

VPN & Other Credential Theft Detection

AD Protection

Data Exfiltration Visibility

SECURING THE ENTERPRISE WHEN EMPLOYEES WORK REMOTELY

Network Discovery over VPN

Real time visibility on attempts to enumerate hosts on the VPN network segment.

VPN credential theft and reuse

Know when VPN credentials are stolen & used to access the corporate network.

Active Directory reconnaissance

Detect & misdirect unauthorized attempts to query AD for high-value accounts.

SaaS/Cloud Credential Monitoring

Monitor for use of stolen or expired credentials accessing SaaS accounts.

VPN Network Protection

Quickly detect malware, ransomware, or MitM attacks in the VPN network segment.

Citrix VPN Application Protection

Monitor the Citrix remote application infrastructure for unauthorized activity.

Detect Data Theft Attempts

Detect unauthorized document access or exfiltration.

BENEFITS

The ThreatDefend platform is tackling remote worker risk mitigation head on by protecting SaaS applications and VPNs.

Mitigate risks associated with remote workers accessing VPN or Cloud-based services

Ongoing visibility into VPN network segment activity

Insight into SaaS/IaaS/VPN credential misuse

Compensate for lack of enterprise security controls outside the perimeter for remote workers

Not reliant on network behavior baselines for detection effectiveness

Flexible deployment options, from 100% cloud based to hybrid deployments on the endpoints

Engagement with decoys facilitates Threat Intelligence collection

Nearly half of organizations report an increase in cyber-attacks since mass work from home began.

Enterprise Strategy Group

RESOURCES

Perspectives

SPOTLIGHT

Securing The Enterprise
When Employees Work Remotely

Speak to a deception specialist

Ready to find out what the Attivo Networks solution can do for your organization? Our security experts are standing by, ready to answer your questions.

LET'S TALK

ThreatDefend Platform

Distributed Deception Platform for Post-Compromise Detection and Response

Report: Using Deception to Improve MITRE ATT&CK Test Results for Endpoint Security

Authored by Dr. Edward Amoroso, CEO of TAG Cyber

Attivo Networks Survey Report

Top threat detection trends

Already a Channel Partner?

Partner Integration Overview

Best Workplace

Best Technology

Remote Worker Risk Mitigation