Attivo gets unconventional about attack surfaces

PHOTO

Dubai, United Arab Emirates: Attivo Networks®, the award-winning leader in deception for cybersecurity threat detection, announced today that the company has enhanced its portfolio with new deception techniques designed to derail attacks targeting non-traditional attack surfaces. In addition to Internet-of-Things (IoT) and operational technology, attackers are now targeting devices and applications that can be harder to secure than standard servers and desktops. These devices and applications are increasingly being targeted by adversaries looking for the weak link in an organization’s network. The company’s new technology enhancements will provide organizations the comprehensive threat detection coverage required for today’s age of ever-evolving attack surfaces and threat landscape.

This announcement builds upon the company’s current ThreatDefend™ deception portfolio, which already supports servers, cloud, user networks, and specialized environments such as IoT, SCADA, and POS. Attivo deception works by creating decoys, application, data, and credential bait designed to deceive and misdirect an attacker into engaging. Environmental authenticity is critical for tricking the attacker. Regardless of the operating environment, Attivo decoys can be set up to mirror match the production environment. This is achieved by creating decoys that share the same network characteristics and run the same operating systems, services, and applications as seen in the specific environment, making decoys indistinguishable from company assets. With traps and lures throughout the phases of an attack, deception quickly reveals an attacker’s presence in the network as they look to harvest credentials, recon the network or attempt to move laterally to escalate their attack.

“It is clear that attackers are becoming increasingly sophisticated and with the strong adoption of deception technology, they are beginning to anticipate deception technology in corporate networks,” said Tushar Kothari, CEO of Attivo Networks. “As a result, it is imperative that deception is authentic to be attractive to attackers and effective at deceiving them. Attivo anticipated this and has added specialized device and application decoys for early detection of attacks and real-time visibility into attacker activity, regardless of threat vector.”

Specialized Devices

Attivo has added the following to its specialized device deceptions. Current specialized decoys include IoT, Medical IoT, POS, and ICS-SCADA devices.

Cisco Routers: native decoys for virtual Cisco routers
Cisco Switches: native decoys for virtual Cisco switches
Cisco Telephony Network Devices: native decoys for virtual CUCM Cisco telephony

Network devices have their own sets of vulnerabilities, and attackers target these systems because organizations don’t often replace them once installed. With network device decoys, organizations now have a way to alert when attackers target their network communications infrastructures.

Specialized Services and Applications

Attivo has added the following specialized services and application deceptions. Current specialized applications include web services, remote access, file transfer, database, and SWIFT web application deceptions.

Camera Streaming Server: native support for Real Time Streaming Protocol
Docker Apps: TD and native support for containerized apps
Big Data: native support for MongoDB, Elastic Search, and Redis
Retail Web Portal: native support for web portal application with a database back-end
Printers: native support for print servers, print managers, and printer decoys

Adding native support for additional specialized services and applications increases the decoy’s out-of-the-box authenticity while giving organizations decoy capabilities that alert when attackers attempt to compromise them. These added capabilities increase the breadth and depth of Attivo deception.

“As the attack surface continues to expand, organizations are increasingly seeking solutions that provide early detection and visibility for specialty environments,” said Rik Turner, Principal Analyst at Ovum. “Because of its efficacy, deception technology is now entering the mainstream and will soon be in the armory of most businesses. Attivo in particular provides highly authentic deception across an organization’s network, including difficult-to-secure environments such as IoT, network, and telephony infrastructure.”

These new enhancements are also a direct response to reducing the time an attacker remains undetected in a network. This issue, known as dwell time, currently averages over 100 days (FireEye/Mandiant 2018 M-Trends report), which provides the time required for adversaries to successfully execute an attack. Unconventional attack surfaces can be difficult to secure and may not be monitored at the same levels as other devices, leaving exposed points of entry for attackers to establish a foothold and quietly exploit the network. The expansion of the ThreatDefend deception capabilities now provides the visibility and early detection for some of the most difficult entry points to secure, effectively reducing dwell time by quickly and accurately detecting threats.

-Ends-

About Attivo Networks

Attivo Networks® is the leader in dynamic deception technology for the real-time detection, analysis an forensics of cyber-attacks. The Attivo Deception Platform provides inside-the-network threat detection for user networks, data centers, clouds, and ICS-SCADA environments. Not reliant on known signatures or attack patterns, Attivo uses high-interaction deception techniques based on Attivo BOTsink® engagement servers to lure attackers into revealing themselves. Combined with the Attivo End-Point Deception Suite, advanced luring technology is deployed to detect the use of stolen credentials, ransomware, and targeted attacks. Comprehensive attack analysis and forensics provide actionable alerts and can be set to automatically block and quarantine attacks for accelerated incident response. For more information, visit www.attivonetworks.com.

Resources:
Specialized Deception
ThreatDefend™ Detection and Response Platform
Contact:
Audrey Fernandes
Golin MENA
AFernandes@golin.ae

Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.

The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.

To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.

Attivo gets unconventional about attack surfaces

DISCOVER MORE

PowerDMARC and Zendata join forces to strengthen domain security

Samana Developers launches Dh1bln ‘Lake Views Complex’ in Dubai Production City

Saudi Pavilion to host over 700 events and daily live performances at Expo 2025 Osaka

Tolerance and human fraternity must shape technological innovation, says HE Sheikh Nahyan bin Mubarak Al Nahyan

FinTech Funding continues to surge as second edition of Dubai FinTech Summit commences

The CBUAE enhances SupTech initiative as part of its Financial Infrastructure Transformation Programme

Emirates Islamic reports record profit of AED 811mln for Q1 2024

Emirates NBD’s profit surge 67% to a record AED 6.7bln in Q1-24

Victor moves headquarters to Abu Dhabi

Bitget Wallet’s COO explained web3 security strategies at Dubai conference

Albal Design launches UAE's first science based interior design concept

Binghatti launches its debut project adjacent to Dubai Hills

Dar Global announces partnership with Aston Martin to deliver stunning beachfront residences in Ras Al Khaimah, United Arab Emirates

Sharjah confirms opening of all blocked roads in city

Dubai offers free bulk waste removal service via WhatsApp

Sheikh Hamdan praises Dubai’s resilience, collective response through extreme weather situation

International Humanitarian City rebranded as ‘Dubai Humanitarian’

From cancer medicines to baby food: UAE residents unite to help flood-hit neighbourhoods

LATEST VIDEO

VIDEO: Expect more extreme weather threats like UAE floods worldwide – Climate expert

ZAWYA COVERAGE

Emirates Islamic Bank posts 35% jump in Q1 2024 net profit

Kuwait’s AlShaya Group CEO says hostility to US brands has receded; negligible impacts due to floods

Dubai's Emirates NBD Q1 net profit up 12%; beats estimate

UAE’s ADQ sets up $500mln investment accord with Kenya

Qatar's Baladna to invest $3.5bln to build a powdered milk farm in Algeria: Ministry

BoE tries to sail a mid-ocean policy: Mike Dolan

Renewables generate a third of Australian electricity in Q1 2024: Maguire

How Volvo landed a cheap Chinese EV on U.S. shores in a trade war

NYCB faces tough choices on CRE loans, balance sheet diversification

THE BRI REPORT

China’s flagship global infrastructure initiative is changing in the face of potent headwinds