The best protection against cybersecurity attackers is to have an adaptive security defense, which is based on prevention, detection, and response systems working together to provide early detection, continuous threat management, and accelerated response. Attivo works actively with industry leading providers of firewall, NAC, SIEM, malware database solutions to share attack information and reduce the complexity and time associated with dealing with cyber threats. Below is a list of our integration and strategic go-to-market partners that are working together to bring these integrated solutions to markets across the globe.
Attivo Networks provides the industry’s first globally scalable deception technology solution that detects inside-the-network threats across enterprise, private and public clouds. The Attivo BOTsink platform efficiently detects threats within all network and Amazon Web Services data center environments with the Attivo Central Manager providing universal control and centralization of threat intelligence for its global BOTsink deployments.
Attivo Networks has partnered with Aruba, a Hewlett Packard Enterprise company to deliver a highly scalable network access solution integrating the Attivo Networks Deception Platform and Aruba ClearPass platform. This integration provides customers with the ability to identify users and devices on wired and wireless networks, detect threats in real-time, gather attack analysis and automatically remediate suspect devices based on intent – regardless of user role or device type.
Attivo Networks has partnered with Carbon Black to provide organizations early detection of in-network threats, automated response actions based on deception server engagement, and the ability to query Carbon Black servers for additional forensic artifacts on other infected systems. The integrated solution, which includes the Attivo Deception and Response Platform and the Carbon Black Platform will provide organizations an advanced level of visibility and improve overall threat management operations by simplifying information sharing and automating incident response actions.
Attivo Networks has partnered with Check Point Software Technologies Ltd. to deliver an integrated solution between Attivo Deception Platform and the Check Point R80 that empowers continuous threat management using dynamic deceptions for real-time detection and analysis and enables accelerated response to cyber incidents. Detailed attack forensics shared automatically with Check Point Firewall allows prompt blocking to prevent exfiltration of data.
Information sharing and the automation of incident response, for blocking and quarantining an active attack, can dramatically reduce the risk and impact of a potential breach. Attivo Networks deception technology allows for the real-time detection and identification of reconnaissance activities and early lateral movement infections that are often the first step in a sophisticated breach strategy. Configuring BOTsink engagement servers to integrate with the Cisco pxGrid, ISE, and ASA delivers an effective and efficient solution for early threat detection, prompt incident response, and the derailing of cyberattacks. Together, Attivo Networks and Cisco Systems can increase network defenses in an operationally efficient manner.
The integration of the Attivo ThreatDefend Platform with CounterTack empowers organizations with an integrated and active defense platform. Together they provide effective endpoint control through policy and threat prevention, realtime detection of cyber attackers, and the ability to mitigate risks by instantly quarantining the infected endpoints
Attivo Networks® has partnered with Demisto® to provide advanced security orchestration and incident management. With the joint solution, customers gain visibility into their environment and attack intelligence that the Attivo Networks ThreatDefend™ decoy systems collect and feed to Demisto.
The Digital Defense Frontline.Cloud™ integration with Attivo Networks® identifies high-risk/critical assets with business context that are highly vulnerable to exploits, remain unpatched, are un-patchable or have already been infected in real-time. The integration with the Attivo Networks BOTsink® solution allows administrators to quickly and confidently make strategic decisions on where to dynamically deploy additional deception technology assets to enhance their deception deployment and further misdirect attackers. This gives organizations the advantage of time to detect, analyze, and stop an attacker even as their risk posture and critical assets change.
Attivo Networks® has partnered with FireEye to provide advanced, real-time, in-network threat detection and improved automated incident response. With the joint solution, customers receive improved threat intelligence to isolate compromised systems based on suspicious activity. Organizations can reduce time and resources required to detect threats, analyze attacks, and to remediate infected endpoints, ultimately decreasing the organization’s risk of breaches and data loss..
Attivo Networks has partnered with ForeScout to deliver an integrated solution between the Attivo Networks Deception Platform and ForeScout CounterACT. This joint solution allows customers to detect threats in real-time, gather attack analysis and choose to manually or automatically block attackers and quarantine end-points based on suspicious activity. Additionally, the integration can be used for easy and centralized deployment of the Attivo Endpoint Suite.
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud or mobile environments. More than 280,000 customers worldwide trust Fortinet to protect their businesses.
Attivo Networks ThreatDefend Platform and Micro Focus ArcSight have partnered to provide continuous threat management using dynamic deceptions for the real-time detection, analysis, event correlation and accelerated response to cyber incidents. Substantiated alerts and detailed attack forensics shared with Micro Focus ArcSight, and the ability to query usage of deceptive credentials from ArcSight enhances visibility and prioritization of critical events for a prompt incident response.
Attivo Networks Deception and Response Platform integrates with IBM® QRadar®. IBM QRadar Security Intelligence Platform provides a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, incident forensics, incident response, and configuration and vulnerability management. It uses an advanced Sense Analytics Engine to detect advanced threats while providing greater ease of use and lower total cost of ownership.
Attivo Networks provides a complimentary line of defense to perimeter security solutions and detects cyber attacks that have by-passed all other security prevention solutions. Attivo dynamic deception provides the detection and visibility into BOTs and APTs that are in the network and through integration, the BOTsink solution will update the Juniper Networks SRX Series Firewalls to quarantine infected nodes dramatically reducing the time required for detection, quarantining, and remediation.
Attivo Networks® has partnered with McAfee® to detect real-time in-network threats and to automate incident response by enabling the automated quarantine of infected endpoints, redirection of potentially malicious traffic, and threat intelligence sharing with other McAfee partners. The Attivo Networks ThreatDefend™ platform’s native integrations with McAfee ePolicy Orchestrator (ePO), Enterprise Security Manager (ESM) SIEM, and Network Security Platform (NSP) allow for an accelerated incident response. The integration in the Data Exchange Layer communication fabric provides a robust and efficient way to share rich forensic information across multiple solutions.
Attivo Networks and McAfee have collaborated to provide continuous threat management using dynamic deceptions for the real-time detection, analysis, event correlation and accelerated response to cyber incidents and ESM. The BOTsink solution generates deception-based detection alerts it displays in its dashboard, but it can also send these alerts and events to McAfee ESM. Substantiated alerts and detailed attack forensics shared with McAfee ESM enhances visibility and helps prioritize critical events for prompt incident response.
Attivo Networks® Deception and Response Platform and McAfee ePolicy Orchestrator are integrated to offer customers a collective defense solution that empowers detection of real-time threats, gathering of attack analysis, manual or automated blocking of attacks and quarantining of endpoints based on suspicious activity. The combined solution also offers a centralized portal that allows easy deployment of the ThreatStrike Suite at endpoints. Together, the solution allows continuous threat management through early detection, analysis, and remediation capabilities.
The Attivo ThreatDefend™ Deception and Response Platform is now available as an integrated solution with the McAfee Network Security Platform (NSP). The Attivo BOTsink deception solution integrates with McAfee NSP, taking the DNS sinkhole concept to the next level, by capturing the full intent of the attack and by providing the forensics required to remediate infected devices. Together McAfee NSP and Attivo ThreatDefend offers a unique method to analyze the TTPs of a targeted attack. This knowledge empowers organizations to quickly identify and remediate infected devices and prevent future cyberattacks.
Attivo Networks and Palo Alto Networks have teamed up with NextGen firewall and BOTsink deception server integration to provide early threat detection and the automatic blocking of attacks. With this integration, customers have the ability to detect in-network threats, analyze attacks, and automate incident response actions improving an organization’s defense against advanced threats.
Attivo Networks has partnered with ReversingLabs to provide advanced threat hunting and analysis capabilities. With the joint solution, customers obtain enriched data regarding files attackers use on decoy systems by leveraging ReversingLabs reputational services, malware hunting, and file analysis capabilities. Customers can reduce time and resources required to detect and identify threats, analyze malware, and to remediate infected endpoints, ultimately decreasing an organization’s risk of breaches and data loss.
Attivo Networks® has partnered with ServiceNow to provide advanced, real-time, in-network threat detection and improved automated incident response. With the joint solution, customers receive improved threat intelligence, with high fidelity alerts based on confirmed suspicious activity, that lets them initiate service tickets automatically.
Attivo Networks Deception and Response PlatformTM integrates with Splunk® that is well-known for its Log Management capabilities and also for its SIEM solutions. The integration provides the ability for the Attivo solution to query the SIEM for the use of deception credentials and for the solution to automatically push found attack information to the Splunk solution for improved threat prevention. The solution is also supported by the Splunk app.
Attivo Networks® has partnered with Splunk® to provide advanced security orchestration and incident management through the Splunk Phantom platform. With the joint solution, customers gain visibility into their environment and attack intelligence that the Attivo Networks ThreatDefend™ decoy systems collect and feed to Splunk Phantom.
Attivo Networks® has partnered with Symantec to provide advanced, real-time, in-network threat detection and improved automated incident response. With the joint solution, customers receive improved threat intelligence to isolate compromised systems based on suspicious activity.
Attivo Networks® has partnered with Tanium® to provide advanced, real-time, in-network threat detection, attack analysis, and improved automated incident response to block and quarantine infected endpoints. With the joint solution, customers can review alerts and the accompanying attack forensics and assign endpoint policies to automatically block and isolate systems deemed compromised.
Attivo Networks® has partnered with ThreatConnect® to provide advanced threat intelligence sharing and analysis capabilities. With the joint solution, customers gain visibility on attack information and threat intelligence that the ThreatDefend™ decoy systems collect and feed to ThreatConnect.
Attivo Networks has partnered with VirusTotal to provide advanced threat intelligence sharing and analysis capabilities. With the joint solution, customers gain visibility on attack information and threat intelligence from the Attivo Networks ThreatDefend™ decoy systems, which collect suspicious files that are then fed into VirusTotal for comprehensive analysis.
Attivo Networks is proud to be a Small Business Member of AFCEA, an member-based organization providing a forum for military and government communities to connect with security and technology professionals.
Attivo Networks is an Affiliate Board Advisor of the Financial Services Information Sharing and Analysis Center (FS-ISAC), a community of financial organizations working together to share cyber and physical threat intelligence and combat cybercrime activities. FS-ISAC is unique in that it was created by and for members and operates as a member-owned non-profit entity. Attivo is the first deception-based threat detection provider to join the FS-ISAC as an Affiliate Board Advisor.
Cloud Harmonics is an Attivo Networks authorized distribution and training partner and provides channel partners with training, advanced services, and integrated technologies that add value to security, infrastructure, and cloud solutions. With Attivo in its portfolio, Cloud Harmonics will provide comprehensive security solutions that improve both cloud and security administrators’ ability to immediately detect, quarantine, and remediate cyber threats.
Attivo Networks is a Gold Member of Healthcare Information and Management Systems Society (HIMSS), a cause-based non-profit network of health IT professionals positively transforming healthcare through the best use of information technology in the United States and Canada.
Attivo Networks is a Sponsored Member of Information Systems Security Association (ISSA), a community for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.
immixGroup is Attivo’s authorized Federal distributor and GSA Aggregator, providing Federal partners with value-added services related to Government marketing and procurement, as well as access to the entire Attivo line of deception-based solutions.
Macnica Networks is an Attivo Networks authorized distributor in Japan and provides channel partners with integrated technologies that add value to security and infrastructure. With Attivo in its portfolio, Macnica Networks will provide comprehensive security solutions that enable organizations to have an adaptive defense built on the ability to immediately detect, quarantine, and remediate cyber threats.
Networks Unlimited is an Attivo Networks authorized distributor in South and Sub-Saharan Africa and provides channel partners with integrated technologies that add value to security and infrastructure. With Attivo in its portfolio, Networks Unlimited provides comprehensive security solutions that enable organizations to fortify their security defenses through efficient detection, quarantine, and remediation of cyber attacks.
Attivo Networks is Navigator sponsor of the National Healthcare and Information Sharing and Analysis Center (NH-ISAC), an community of non-profit and for-profit healthcare stakeholder who are seeking protection of valuable PHI (personal health information) and compliance with Federal HIPAA regulations and standards, driving the assurance of patient health and life safety and fostering continuity of operations. Joining NH-ISAC is one of the best ways health and public health services firms can do their part to protect the industry and its vital role in critical infrastructure.
Attivo is the first deception-based threat detection provider to join the NH-ISAC as an Affiliate Board Advisor.
Singtel is an Attivo Networks strategic partner headquartered in Singapore and provides integrated technologies that add value to security and infrastructure. With Attivo in its portfolio, Singtel will provide comprehensive security solutions that enable organizations to deploy an adaptive defense built on the ability to immediately detect, quarantine, and remediate cyber threats.
SPECTRAMI is a pan-EMEA value-added distributor with a local presence in UK, Germany, Austria, Netherlands and the GCC. With headquarters in the UAE, the company boasts an extensive network of worldwide channel partners. Specializing in end-to-end solutions across information security, data center infrastructure and data communication networks, the global distributor assists enterprises to meet regulatory standards on their infrastructure, protect confidential data assets and applications.
With proficiency across sales, marketing, logistics and management, SPECTRAMI’s unique strengths include excellent resources, effective on-ground support and a highly qualified team to identify optimal sales channels and marketing strategies for a product line. Through thriving partnerships with its 100 plus resellers and systems integrators across more than 40 countries in the EMEA market, the value-added distributor ensures a cohesive business model to cater to evolving customer demands across the globe.
Attivo Networks is proud to participate in the National Cyber Security Awareness Month (NCSAM) Champion Program. Created under the leadership of the U.S. Department of Homeland Security and the National Cyber Security Alliance, the goal of NCSAM is similar to a core Attivo corporate goal: raising awareness about the number and sophistication of BOTs and advanced persistent threats (APTs) that target our critical information every day.
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security.