Hims & Hers Halts Compounded Semaglutide Pill After FDA Warning 
Nvidia CEO Jensen Huang Says AI Investment Boom Is Just Beginning as NVDA Shares Surge 
Uber Ordered to Pay $8.5 Million in Bellwether Sexual Assault Lawsuit 
TrumpRx Website Launches to Offer Discounted Prescription Drugs for Cash-Paying Americans 
SpaceX Prioritizes Moon Mission Before Mars as Starship Development Accelerates 
Salesforce Workforce Reduction Affects Fewer Than 1,000 Roles Amid Ongoing Restructuring 
Missouri Judge Dismisses Lawsuit Challenging Starbucks’ Diversity and Inclusion Policies 
Alphabet Plans Rare 100-Year Sterling Bond to Fund AI Expansion 
Trump Administration Plans Chip Tariff Exemptions for Big Tech Amid AI Data Center Push 
Amazon Explores AI Content Marketplace With Media Publishers 
Kroger Set to Name Former Walmart Executive Greg Foran as Next CEO 
Innovent Biologics Shares Rally on New Eli Lilly Oncology and Immunology Deal 
Treasury Wine Estates Shares Surge After U.S. Dispute Settlement and Earnings Upgrade 
Standard Chartered Names Peter Burrill as Interim Group CFO Following Diego De Giorgi’s Exit 
Macquarie Group Shares Jump as Third-Quarter Trading Conditions Improve Across Key Units 
Washington Post Publisher Will Lewis Steps Down After Layoffs 
Trump Backs Nexstar–Tegna Merger Amid Shifting U.S. Media Landscape 
FREMONT, Calif., April 04, 2018 -- Attivo Networks®, the leader in deception solutions for cybersecurity defense, today introduced enhancements to its ThreatDefend™ deception and response platform, which is designed to deceive and reveal attackers that have bypassed perimeter security. The latest version of the ThreatDefend platform augments its current Threat and Adversary Intelligence gathering by adding Counterintelligence that identifies the types of data the attacker is attempting to steal and, through geolocation services, where the documents are being accessed. This information provides powerful insight that can be used to better understand the adversary and strengthen a company’s overall defenses.
The ThreatDefend Platform’s new DecoyDocs feature provides the ability to plant deception files that allow the organization to conduct data loss tracking (DLT) on documents that have been exfiltrated. By embedding a tracking call-back function into a document, the solution provides information about what was stolen and where an attacker opened the file, whether inside or outside of the network. The DecoyDocs call-back provides the externally-facing IP address and geolocation of every system that opens the deception file, the name of the stolen file and which deception network the data was extracted from.
“While advanced Threat and Adversary Intelligence helps security teams determine how bad actors are attacking, our customers still face a wide range of challenges in understanding the intent, motivation, and attribution of attackers,” said Tushar Kothari, CEO of Attivo Networks. “The new Counterintelligence functionality within the ThreatDefend platform directly addresses this knowledge gap by empowering organizations to gather intel on targets and intent. This knowledge can then be applied to offense-based security measures and ultimately call checkmate on their attacker.”
Many organizations are familiar with Threat Intelligence, collecting and analyzing information that helps develop indicators of compromise (IOCs) to identify commonalities of an attack. At a more strategic level is Adversary Intelligence, which identifies the Tactics, Techniques and Procedures (TTPs) of an attacker and is used to better understand an attacker’s capabilities. The Attivo ThreatDefend Platform provides organizations with both Threat and Adversary Intelligence, which captures all attack activity during engagement with a decoy asset. DecoyDocs takes this one step further, tracking deceptive documents when they are stolen and opened, providing complete and comprehensive collective counterintelligence capabilities through insight into what type of data attackers are targeting and their motivation for doing so.
DecoyDocs are fast and easy to add to a deception environment. Desired files are loaded into Attivo Networks BOTsink® engagement servers, where they are tagged for tracking and a notification system is set up. DecoyDocs are then placed in attractive locations for attackers and are intentionally allowed to be exfiltrated. DecoyDocs can also provide automated deployment of decoy Powershell, Linux scripts, files and documents for additional in-network security trip wires. Security teams will instantly benefit from the knowledge gained from DecoyDoc alerts and can immediately apply these to offense-driven countermeasures.
About Attivo Networks
Attivo Networks® is the leader in deception technology for real-time detection, analysis, and accelerated response to advanced, credential, insider, and ransomware cyber-attacks. The Attivo ThreatDefend™ Deception and Response Platform accurately detects advanced in-network threats and provides scalable continuous threat management for user networks, data centers, cloud, IoT, ICS-SCADA, and POS environments. Attivo Camouflage dynamic deception techniques and decoys set high-interaction traps to efficiently lure attackers into revealing themselves. Advanced attack analysis and lateral movement tracking are auto-correlated for evidence-based alerts, forensic reporting, and automatic blocking and quarantine of attacks. For more information, visit www.attivonetworks.com.
CONTACT:
Pete Johnson/Loren Guertin
Matter Communications for Attivo Networks
[email protected]
971.245.3117
[email protected]
401.351.9504
Follow Attivo Networks: Twitter and LinkedIn
