OVERVIEW

Active Directory Defense Capabilities

The TheatDefend platform provides extensive coverage to protect the Active Directory infrastructure without impacting operations.  Easily intercept and redirect reconnaissance activities targeting critical AD data.  Designed for ease of use and simple management, organizations can now add a proactive defense to protect their most critical AD accounts and information from unauthorized access.

Capabilities

Defend Active Directory with the extensive set of deception capabilities available in the ThreatDefend Platform

Deceptive Active Directory

Deceptive Active Directory

  • Enterprise-in-a-sandbox
  • Engagement VMs appear as part of the enterprise
  • Provides deceptive credentials validation and Windows decoy accounts
Deceptive Active Directory Breadcrumbs

Deceptive Breadcrumbs

  • Endpoint deception independent of deceptive AD
  • Implant breadcrumbs in production DC
  • Safeguard against Kerberoasting attacks, SYSVOL snoopers
Interception & Redirection

Interception & Redirection

  • Hides production results and/or adds deceptive data
  • Supports both Users and Computers, including ACLs
  • Ability to whitelist legitimate processes
  • Detailed telemetry on queries

“It’s definitely the time to be looking at deception. It’s simple, inexpensive, and it works.”

Sr Director Analyst at the world’s leading information technology research and advisory company