Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Attivo Networks

Attivo Networks®, the leader in identity detection and response, delivers a superior defense for preventing privilege escalation and lateral movement threat activity. Customers worldwide rely on the ThreatDefend® Platform for unprecedented visibility to risks, attack surface reduction, and attack detection. The portfolio provides patented innovative defenses at critical points of attack, including at endpoints, in Active Directory, and cloud environments. Data concealment technology hides critical AD objects, data, and credentials, eliminating attacker theft and misuse, particularly useful in a Zero Trust architecture. Bait and misdirection efficiently steer attackers away from production assets, and deception decoys obfuscate the attack surface to derail attacks. Forensic data, automated attack analysis, and automation with third-party integrations serve to speed threat detection and streamline incident response. ThreatDefend capabilities tightly align to the MITRE ATT&CK Framework, and deception and denial are now integral parts of NIST Special Publications and MITRE Shield active defense strategies. Attivo has 150+ awards for technology innovation and leadership.

Our Website:

Latest Content From Attivo Networks

Whitepaper: Attivo Networks MITRE Shield Mapping

by Attivo NetworksJan 13, 2021

MITRE has launched a knowledge base named Shield that captures capabilities surrounding Active Defense and adversary engagements. The very first publication of this knowledge base is in the form of a matrix listing capabilities for Active Defense. Shield complements the MITRE ATT&CK knowledgebase (Adversarial Tactics, Techniques, and Common Knowledge), which is a highly-regarded tool in the Threat Intelligence Community for modeling cybersecurity threats. From a defender's perspective, the ATT&CK matrix provides a data model of how one should protect their enterprise against cybersecurity threats. Meanwhile, the Shield matrix provides the capabilities a defender must build for an Active Defense and adversary engagement in a post-breach situation.

Attivo evaluated its ThreatDefend® Platform capabilities against all Active Defense techniques and use cases documented per technique in the MITRE Shield Knowledge base. Download this paper to learn how the ThreatDefend components provide the building blocks needed for an Active Defense strategy.

Whitepaper: Accelerating SolarWinds Incident Response for Rapid Lateral Movement Detection

by Attivo NetworksJan 13, 2021

The SolarWinds breach is a prime example of an ongoing supply chain breach, and one should be aware that this has happened in the past and will happen again. As with any breach, discovering an attacker inside the network is extremely alarming. The focus should be to detect the attacker's attempts to move laterally in the network, evaluate their privileges, minimize their window of opportunity, and shut them out as fast as possible. This latest compromise with SolarWinds has magnified the impact as all their customers inherited the backdoor by following industry best practices to keep their software updated.

Download this solutions brief for more visibility on the anatomy of the attack and how Attivo Networks solutions can help

Whitepaper: Attivo Networks in a Zero Trust Architecture

by Attivo NetworksJan 13, 2021

As organizations increasingly move to cloud services, have more work locations, adopt Bring-Your-Own-Devices policies, and deploy Internet of Things (IoT) devices into their networks, their traditional way to protect a network perimeter must change. The castle-and-moat model of hardening network perimeters to prevent a compromise can no longer effectively provide security in a world of increasingly advanced and sophisticated threats. The Zero Trust model of security arose to address these threats.

Implementing a fully executed Zero Trust architecture is likely beyond the reach of most organizations today. However, by starting with individual capabilities that operate in complementary layers within the Zero Trust model, organizations will realize many benefits from an architecture built on conditional access control.

Most organizations will start Zero Trust with a focus on users and devices. Attivo Networks adds another layer of access control that focuses on applications and data to protect authorizations. The company's Zero Trust architecture, particularly in areas of data trust and application trust. Its deception and concealment technologies add a layer of controlled access management for organizations to validate user access to data and resources beyond the initial authorization.

Whitepaper: Calculating ROI for Attivo Deception and Concealment Technology

by Attivo NetworksJan 13, 2021

Today's information security landscape demands a layered defense but justifying the value of any single security control is always a challenge. As security professionals, CFOs, and other vital decision-makers recognize, there is no such thing as a silver bullet or a one-size-fits-all solution.

However, as shown by evaluating the Attivo solutions with the MITRE ATT&CK® and Shield frameworks, there is a demonstrable boost in performance and detection coverage.

Attivo's deception and concealment technologies can provide real, tangible, bottom-line benefits to organizations that choose to use them. This paper provides a comprehensive overview of the benefits and cost savings achieved through the use of Attivo Networks solutions.