ThreatDefend protects against Active Directory enumeration and ransomware by hiding files, AD objects, folders, mapped network and cloud shares, and removable drives so attackers can’t find the data or access it for encryption.
Attivo ThreatDefend offers value and ROI as an early detection system of attacker reconnaissance, credential harvesting, privilege escalation, and lateral movement, considerably reducing dwell time and disrupting an attacker’s ability to complete their mission. Customers gain immediate value from in-network active observation, threat engagement, and the ability to provide the substantiated detail required to identify infected systems and block and quarantine threats.Click here to access all coverage of the 2021 SC Awards.
Attivo leverages MITRE ATT&CK, which offers an excellent framework for showing coverage against attack techniques and tactics. The platform covers 11 of 12 tactics and 72 techniques, the most of any deception provider. MITRE also has MITRE Shield, which defines a framework for creating an Active Defense. Attivo covers 27 of 33 techniques and 123 of 190 use cases. ThreatDefend for a 1,000-person company starts at around $50,000.Some other product highlights include protection of Active Directory by hiding AD objects and returning fake data to unauthorized queries, stopping ransomware attacks by data cloaking that hides and denies access, and preventing endpoint fingerprinting by redirecting inbound and outbound connection attempts that touch closed ports to decoys for engagement.“ThreatDefend alerts are based upon attacker techniques and aren’t reliant on signatures, hashes, or database lookup, like most legacy security products,” the company said in its entry. “Thus, it does not require constant database updates, and generally, there are two major software updates per year. Updates are included as part of the support agreement and easily downloaded through a support portal.”
There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
