In April 2019, Mi2 JSC officially became a strategic partner of Attivo Networks®, the leader in deception technology, provides accurate in-network threat detection, analysis, and accelerated response to advanced, credential, insider, and ransomware attacks.
The Attivo Deception and Response Platform provides continuous visibility and efficient threat management for user networks, data centers, cloud, branch, IoT, ICS-SCADA, and POS environments.
Camouflage dynamic deception sets high-interaction traps to misdirect and lure attackers into revealing themselves. The solution’s advanced attack analysis and lateral movement tracking automate investigation, deliver evidence-based alerts, and in-depth forensic reports. Incident response is simplified with ThreatOps™ playbooks and 3rd party integrations for automated attack blocking, quarantine, and threat hunting. www.attivonetworks.com
Attivo’s Products and Solutions
Attivo Deception and Response Platform
Attivo Deception and Response Platform provides comprehensive network and endpoint-based deception for user networks, data centers, cloud, and specialty environments (IOT, ICS, POS). The deception “hall of mirrors” efficiently misdirects attackers into revealing themselves, while automated attack analysis, forensic reporting, and 3rd party integrations simplify and accelerate incident response.
BOTsink Decoys and Engagement Servers
The Attivo BOTsink® solution uses dynamic deception and a matrix of distributed decoy systems and lures to turn an entire network into a trap, which is designed to deceive in-network attackers into revealing themselves. The solution provides attack analysis, actionable alerts, and a dashboard to view and respond to threats.
ThreatStrike End-Point Deception
The Attivo ThreatStrike Endpoint Solution is a customizable and non-intrusive deception-based detection technology that is used to detect targeted attacks on end-points and servers. It is an agentless technology that plants deception credentials, lures, and shares (for ransomware) that are used to misdirect and reveal attackers.
ThreatPath™ Attack Path Vulnerability Assessment
The ThreatPath solution provides attack path vulnerability assessments based on likely attack paths an attacker can traverse via misconfigured systems or credential misuse. Visual illustrations of attacker paths provide insight into risks and clickable drill downs detail weaknesses and IP addresses for systems needing to be isolated and/or fixed.
ThreatOps™ Incident Handling and Response
The ThreatOps platform is designed to automate incident handling from detection through response. The solution leverages attack information gathered by BOTsink® engagement servers, memory forensics, and data from an organization’s security assets to automate attack data correlation and create playbooks for simplified incident handling and repeatable incident response.
Attivo Networks Solutions by Type
- In-network Threat Detection
- Threat detection throughout all attack phases (kill chain)
- Threat detection across all threat vectors
- Advanced and Zero Day
- Reconnaissance Attacks
- Stolen Credential Attacks
- No database look up or pattern matching required
- Attack analysis, correlation, and forensic reporting
- Accelerated incident response
To be consulted on Attivo’s solutions and products in Vietnam, please contact us:
Email: email@example.com; Hotline: 84-24 3938 0390