OVERVIEW

Endpoint compromises are happening at a relentless pace, leading to significant ransomware demands and business disruption. Organizations must stop stage 2, post-compromise attack activity quickly, which requires reliable prevention and detection of attackers' in-network lateral movement and privilege escalation activities.

Derailing lateral movement centers on preventing cybercriminals from seeing and accessing local file and account information that can lead to data theft or destruction. The Attivo Networks endpoint-based DataCloak function prevents attackers from finding and accessing critical data and exploiting local files, accounts, and storage locations. Credential and Active Directory object cloaking also serve to restrict credential theft and misuse, while binding credentials to applications prevents unauthorized access. By denying attackers the ability to see or exploit critical data, organizations can efficiently disrupt discovery and lateral movement activities, and drastically reduce the risk of a successful ransomware or other destructive attack.

“54% of the techniques and tactics used to execute testing of lateral movement were missed.”

2020 Mandiant Security Effectiveness Report

Awards For Endpoint Detection Net (EDN): DataCloak

Cyber Security Awards
Info Security Products Guide 2020 Bronze

BENEFITS

Hide and Deny Access to Local, Network, and Cloud Storage

Ransomware Protection

  • Hide data from ransomware and deny it access, preventing discovery or encryption of local, network, or cloud-stored data

Deny Privilege Escalation

  • Hide Local Administrator accounts so attackers can’t use them to escalate privileges

Prevent Lateral Movement

  • Hide credentials to prevent attackers from gaining unauthorized access and moving laterally through the network

Attivo Networks Solution Overview

Cloaking - Prevent Cybercriminals from Seeing and Accessing Local File, Account Information and Credentials

HIDE CRITICAL AREAS OF YOUR NETWORK

  • Local Files
  • Local Folders
  • Network Shares
  • Cloud Shares
  • Removable Drives
  • Local Admin Accounts
  • Application Credentials