Attivo Networks ThreatDefend Platform
New capabilities on the Attivo Networks ThreatDefend Platform monitor available services on production endpoints and redirect attempted access into a deception environment. Every endpoint on the network becomes a decoy and, when paired with Attivo's deception lures, locks down an attacker's ability to break out from the endpoint without getting caught.
As a result, defenders gain visibility into the attacker's tools, the use of malicious software, and attempted lateral movement, and are able to quickly quarantine infected systems. Creating a deception blanket over the endpoint ensures cybercriminals can't bypass or avoid detection regardless of the attack method they ultimately choose.
ThreatDefend Platform doesn't require agents on the endpoint or disruption to network operations, Attivo said. Attackers on average take just four and a half hours to move off an initially compromised system, making it critical to stop lateral movement so that the adversary can't establish a foothold.