Enterprise SecurityTop Stories

Attivo Networks introduces self-learning deceptions to misdirect cyber attackers

Attivo Networks introduces self-learning deceptions to misdirect cyber attackers

Attivo Networks has announced another break-through innovation in the fight against cyber attackers with Dynamic Behavioural Deception (DBD). With the release of Attivo Camouflage for Dynamic Behavioral Deception, security teams can use the solution’s automated self-learning technology to intelligently auto-discover, dynamically deploy deception, and assign other bait to further circumvent attacker detection.

The Middle East is fighting a new wave of cyberattacks which has outpaced heightened awareness, increasing IT investments and concerted efforts by organisations to prevent becoming targets of cyber crime. Today’s threat landscape fosters sophisticated and well-funded cybercriminals who impair the abilities of an organisation to detect malicious activity ahead of a breach, leaving it exposed to serious liability. According to a survey by IDC, 80% of regional firms lack the tools to detect and assess threats, while 42% say the cyber security solutions are not enough to manage cyber risks. This is because over the years organisations have invested in threat prevention solutions which are treated as a discounted security add-on in the long run. Threat prevention solutions have demonstrated greater security gaps which can easily be compromised given the sophisticated nature of the tools used by the modern day cybercriminal. Attivo Camouflage for Dynamic Behavioural Deception addresses this challenge with its aggressive self-learning auto-discovery and threat detection capabilities.

The concept of camouflage is a well known tactic for creating a stealth environment and creates a powerful element of surprise against an attacker. Attivo Networks with its Threat Matrix Deception Platform has been recognised across the world as the leader in deception for its efficiency in the early detection of an attacker’s presence in user networks, data centres, clouds, IoT, and ICS-SCADA environments.  The solution creates decoys that are based on real operating systems, run environmental golden images, and configures them so that the decoys appear as authentic production units in every network.

“Deploying decoys and lures that mirror a company’s production environment requires a deep understanding of that environment and can take some time to achieve and dynamically refresh,” comments Tushar Kothari, CEO of Attivo Networks.  “With Attivo Camoflouge, security teams can use our automated self-learning technology to discover and dynamically assign and refresh credentials, and other bait instantly.”

Behavioral Deception Automation aligns to the ThreatMatrix Continuous Threat Management platform, and provides the benefit of simplified deployment, updating, and operational management of decoys and their corresponding credential, data, and application bait. The overall ThreatMatrix Platform provides six pillars for Continuous Threat Management and include Detection, Attack Analysis, Forensics, Incident Handling, Threat Path Assessment, and Prevention.

Other recent enhancements for deception authenticity and ease of use include:

·      IoT and ICS-SCADA gateway and supervisory control deceptions

·      Deployment of deception in branch offices through integration with routing infrastructure and centralised decoy VM’s, removing the need for local device management

·      Stealth mode operation to avoid interference with network scanning devices

·      Enhanced threat intelligence dashboard with enhanced attack analysis and forensic reporting

·      Automated blocking and quarantine of infected systems with the major firewall, NAC, end-point providers and SIEM integrations

“One of my favourite phone calls to get in a day is from a customer sharing his story of how Attivo deception was able to deceive their Red Team into engaging with deception credentials or decoys and how the security operations team was able to track and report on their every move,” added Tushar Kothari. “It’s a testament to the authenticity of Attivo deception and one of the reasons it has been recognised is for its effectiveness.  This latest announcement is one more step in dramatically uping the ante on the complexity that an attacker will have to navigate in order to launch a successful attack.”

“At a minimum, with a deception minefield, the attack becomes more complex and ideally the attacker re-aims its sights on targets which are faster and easier to exploit,” stated Michael Suby, Stratecast VP of Research at Frost & Sullivan and author of. Deception as a Security Discipline – Going on the Offensive in the Cybersecurity Battlefield, available here.