FREMONT, CA--(Marketwired - Sep 2, 2015) - Attivo Networks™, an innovator in information security threat detection, today announced support for Amazon Web Services, providing the industry's first globally scalable deception technology solution that detects inside-the-network threats across enterprise, private and public clouds. The Attivo BOTsink™ platform efficiently detects threats within all network and data center environments and the new Attivo Central Manager provides a universal control console and centralization of threat intelligence for its global BOTsink© deployments.
"Our customers requested the ability to deploy Attivo active deception over very large, comprehensive networks," says Tushar Kothari, CEO of Attivo Networks. "To be effective, it's critical that they can use our solutions over a public cloud in addition to their enterprise network and private clouds. The ability to manage global BOTsink deployments and threat intelligence from a central location were critical requirements for Attivo Fortune 500 customers. Attivo is proud to be the first in the industry to provide customers a globally, scalable, deception-based threat detection solution for their private, public, and hybrid clouds environments."
The need for detecting inside-the-network threats that have bypassed perimeter security is growing swiftly with the dramatic increase in breaches. In response, Attivo Networks has developed deception and decoy technology that detects BOTs and advanced persistent threats (APTs) within network and data center environments. With authentic deception techniques based on real operating systems and full services, the BOTsink solution lures threat actors into engaging with it vs. company servers. Once the attacker is engaged, the attacker's methods can be understood and threat intelligence provided to prevention systems to shut down current and prevent future attacks. Since the Attivo BOTsink solution is not in-line and does not rely on looking up signatures and attack patterns, the solution is able to non-disruptively scale to support 100s of subnets and to detect east-west advanced malware traffic in large data center environments.
Tweet This: .@attivonetworks goes global with AWS support and new Attivo Central Manager for global deployment support and threat intelligence
"Most large enterprises and government agencies know they are being constantly attacked and there is a good chance they have already been breached," Kothari adds. "Once an attacker is inside the network, prevention solutions can't reliably stop them, allowing zero-day attacks and lateral movement attack propagation to occur. Attivo deception efficiently detects attacks within the network and with no false positives, provides administrators with the alert and threat intelligence required to promptly shut down attacks."
Attivo BOTsink Active Deception
- Attivo provides advanced active deception that is based on real operating systems and full services. For increased authenticity, customers are also provided the option to completely and quickly customize their BOTsink deception and detection environment by importing a golden image of their current production machines.
- Going beyond basic detection, the Attivo BOTsink solution will engage the BOT or APT and provides the option to open a port to the attacker command and control server to gain a deeper understanding of attack information.
- An advanced threat intelligence dashboard manages alerts, and IOC reporting can be sent to prevention solutions to shut down current and prevent future attacks.
- The new Attivo Central Manager is designed to simplify the management of large global BOTsink deployments with a single management console that supports any version of current and future Attivo BOTsink solutions across all network environments. It can configure, manage and view events from large deployed BOTsink solutions with a single pane of glass.
- Attivo new appliance and VM offerings include: BOTsink 5100 with support for 100 VLANs and BOTsink 3200 for 32 VLANS
About Attivo Networks
Attivo Networks™ is the leader in deception-based threat detection solutions. Attivo uses active deception technology to authentically detect BOTs and APTs inside the network, data center, and cloud before the data can be breached. Leveraging high-interaction decoys, and deception, the Attivo BOTsink® lures and leads BOTs and APTs to reveal themselves, without generating any false positives. Designed for efficiency, there are no dependencies on signatures, database lookup or heavy computation to detect, redirect, and defend against cyber threats. The Attivo solution provides a comprehensive threat intelligence dashboard with the forensics required to capture attacker methods, update prevention systems, and prevent future attacks. www.attivonetworks.com