Attivo Networks Products

Deception Technology

The BOTsink architecture uses an Analyze, Monitor and Record (AMR) Engine to feed events into its patented Multi Dimensional Correlation?Engine (MDCE) to generate an attack sequence.?The MDCE captures and analyzes the BOT and APT activities are providing the actionable intelligence needed to quickly and effectively shut down a breach.

Information Relay Entrapment System (IRES)

Ability to detect stolen employee credentials; Stops the exfiltration of information before damage can be done; Integrates with other security eco-system devices including the Attivo BOTsink, firewalls, and SIEM devices; Uses deception and decoy techniques to entice malware to attack BOTSink Solution as opposed to other network resources; No impact and dependency on other endpoint security products

BOTsink Solution

Lures BOTs and APTs scanning or targeting valuable corporate assets to "attack" the Attivo's deception platform; Detects and Identifies BOT and APT infections that already exist inside the network; Isolates BOT and APT activities before damage can be done; Prevents outbound Command and Control activity and propagation; Provides high confidence alerts that validate BOT and APT threats with intelligence to take immediate action; Supplies full forensics to help extract signatures, determine tactics, techniques, and procedures throughout malware lifecycle; Out-of-the-box or Customizable pre-configured to deliver immediate value upon deployment or highly customizable for additional deception authenticity; Seamless Integration with existing security infrastructure; Fast and easy deployment as an appliance or virtual appliance to protect your varied network and cloud environments