OVERVIEW

Active Directory Security Capabilities

The TheatDefend platform provides extensive Active Directory protection to the production infrastructure without impacting operations.  Easily detect and redirect reconnaissance attack activities targeting critical AD data.  Designed for ease of use and simple management, organizations can now add a proactive defense to protect their most critical AD accounts and information from unauthorized access.

Capabilities

Implement Active Directory security with extensive detection capabilities available in the ThreatDefend Platform

Deceptive Active Directory

Active Directory Protection

  • Decoy AD Infrastracture: Enterprise-in-a-sandbox
  • Engagement VMs appear as part of the enterprise
  • Provides deceptive credentials validation and Windows decoy accounts
Deceptive Active Directory Breadcrumbs

Deceptive Breadcrumbs

  • Endpoint deception independent of deceptive AD
  • Implant breadcrumbs in production DC
  • Safeguard against Kerberoasting attacks, SYSVOL snoopers
Interception & Redirection

Detection & Redirection

  • Hides production results and misdirects attacks
  • Supports both Users and Computers, including ACLs
  • Ability to whitelist legitimate processes
  • Detailed telemetry (TTPs) on queries

“It’s definitely the time to be looking at deception. It’s simple, inexpensive, and it works.”

Sr Director Analyst at the world’s leading information technology research and advisory company