Attivo Networks®, the award-winning leader in deception for cybersecurity threat detection, today announced that it is experiencing accelerated customer demand for its insider threat detection solutions and that 40% of its customers are now citing deception within their top two use cases for the technology. A recent Enterprise Management Associates survey also announced that deception technology ranked as the top choice in security controls for accurately detecting insider threats, as compared to 12 other security solutions.
Furthermore, the company is continuing to achieve widespread industry recognition for its innovative approach to visibility and detection of human and automated attackers. Unlike other detections solutions, the Attivo Networks ThreatDefend™ Platform requires no signatures or behavioral analysis, but instead alerts on confirmed attacker interactions with decoy assets, providing accurate insiders threats detection. With many recognitions for its technical achievements, it adds another as Cyber Defense Magazine selected the Attivo ThreatDefendTM Platform as Editor’s Choice for ‘Insider Threat Detection’ in its 2019 Global Awards.
“While external attacks continue to command the most attention, it would be a mistake to overlook the threats that employees and suppliers represent. Many organizations now realize that their traditional defense systems aren’t designed to defend against insider threats,” said Srikant Vissamsetti, Senior Vice President of Engineering at Attivo Networks. “Applying Attivo Networks deception technology provides organizations with the tools to quickly and accurately detect policy violations and malicious insider activity. More importantly, it provides the substantiation needed to take decisive action.”
“Attivo Networks truly deserves this recognition for taking a bold approach to insider threat detection and response,” said Gary S. Miliefsky, Publisher, Cyber Defense Magazine. “The company received this award because it is continually trailblazing new and innovative ways of detecting and reducing the risk associated with insider threats.”
The challenges of effectively detecting and identifying malicious insider activity continue to grow as the methods of attackers evolve. This year’s Verizon Data Breach Investigations Report (DBIR) found that insider threat incidents have steadily risen since 2015. Additionally, the 2018 US Cybersecurity Insider Threat Report shows that 66% of organizations believe that malicious insider attacks or accidental breaches are more likely than external attacks.
Regardless of whether an attacker is a disgruntled or financially-motivated employee, contractor, or supplier, or an external actor using compromised credentials, security teams can use cyber deception to detect unauthorized network scans, credential theft and reuse, or attempts to access and steal data quickly. The company’s insider threat technology innovations include:
- Deception decoy servers and devices, file shares, credentials, files, databases, and other decoy elements which are intermingled within the production environment and alert upon engagement
- Application server decoys for detection of reconnaissance or alerting on the use of authorized credentials in unauthorized ways
- Active Directory protection, which identifies unauthorized queries, diverts attackers to decoys and delivers the attacker misinformation to derail their attack
- Deception for native cloud technologies, such as containers, serverless functions, and storage buckets
- Through the use of its machine-learning, visibility to exposed credentials that create attack paths and access as well as unauthorized devices added to the network
- Identification and substantiation of policy violations or malicious activity
Applying deception technology provides the tools an organization needs to quickly and accurately detect and identify suspicious or malicious insider activity. Security teams become better equipped with the data necessary to determine malicious intent and develop adversary intelligence. Plus, attack activity records and forensic evidence are recorded for support of administrative or legal proceedings, making it a powerful resource for reducing investigation time.
About Attivo Networks
Attivo Networks®, the leader in deception technology, provides an active defense for early detection, forensics, and automated incident response to in-network attacks. The Attivo ThreatDefend® Deception Platform provides a comprehensive and customer-proven platform for proactive security and accurate threat detection within user networks, data centers, clouds, and a wide variety of specialized attack surfaces. The portfolio includes extensive network, endpoint, application, and data deceptions designed to misdirect and reveal attacks efficiently from all threat vectors. Advanced machine-learning makes preparation, deployment, and operations fast and simple to operate for organizations of all sizes. Comprehensive attack analysis and forensics provide actionable alerts and native integrations that automate the blocking, quarantine, and threat hunting of attacks for accelerated incident response. The company has won over 100 awards for its technology innovation and leadership. For more information, visit www.attivonetworks.com.