Attivo Networks®, experts in Identity Detection and Response (IDR), provides innovative defenses for protection against identity compromise, privilege escalation, and lateral movement attacks. The company’s solutions deliver unprecedented visibility, prevention, and derailment for security exposures, and attack escalation activities across endpoints, Active Directory (AD), and cloud environments.
The company’s mission is to provide a superior defense for countering in-network threat activity. This is achieved with visibility to identity risk and entitlement exposures and stage two attack activities. The ThreatDefend Platform has three core elements that protect against identity compromise, privilege escalation, and lateral movement attack activities.
Identity compromise solutions protect credentials and entitlements by finding and categorizing risky credential exposures and attack paths to critical assets. This visibility uniquely spans across endpoints, Active Directory, and clouds and are powerful resources for attack surface reduction. The company’s credential protection cloaks real credentials and plants lures for threat intelligence gathering.
Active Directory is achieved with the ADAssesor solution, which is an on-demand pen test for AD. It shows hundreds of exposures, vulnerabilities, and live attacks on AD. The ADSecure solution intercepts unauthorized queries to AD, hiding and denying access to real AD object. The solution also feeds disinformation to attackers and their tools, disrupting and slowing the attack.
Attivo BOTsink and Endpoint Detection Net (EDN) solutions prevent attackers from completing discovery and lateral movement activities, so they cannot fingerprint systems, enumerate AD, steal credentials, leverage local admin credentials, or find systems, files, folders, or shares. A combination of data cloaking, fake data, misdirections, and deception are used. Attivo Networks has won 150+ awards for its technology innovation and leadership.