Attivo Networks has created a new class of deception- based threat detection that levels the playing field against attackers. This deception platform is recognized for its comprehensive network and endpoint-based deception, which turns user networks, data centers, cloud, remote offices, and even specialty environments such as IOT, ICS-SCADA, point-of- sale, telecom, and network infrastructure systems into traps that will quickly confuse, misdirect, and reveal the presence of attackers. This “hall of mirrors” creates an environment where the attacker is lured into making a mistake, reducing their dwell time within the network. Additionally, the solution uses machine learning to create Adaptive Deception Campaigns. These self- learning deception campaigns enable automatic credential and decoy refresh based on a schedule or suspicion of an attack that may be underway. Deceptions can be set to automatically rebuild and re-spin after attacker engagement to avoid fingerprinting.
Attivo Use cases focus on inside network threats:
- detect lateral movement
- detecting them sooner (with near zero false positives)
- slowing down attacks
- providing real-time forensics