Volume 24
Additionally, through extensive 3rd party integrations
the ThreatDefend platform shares IOC information,
accelerates incident handling, and creates repeatable
incident response playbooks for efficiency in threat re-
mediation.
June 2018 Edition
DecoyDocs also adds counterintelligence on what
types of documents attackers are targeting and
through geo-location, where the documents are being
accessed.
Ease of Use
Information sharing and improving the
ability to respond to threats has been a Attivo Networks provides the most flexible
and fastest deployment options through
key topic for security teams.
the ThreatDefend platform, software distri-
The ThreatDefend platform delivers upon this bution (SCCM, Casper) or host management
promise with extensive 3rd party integrations to (GPO or WMI- built-in windows tools), REST
share attack data and automate the inci dent han- APIs and 3rd party integrations like McAfee
dling and threat hunting processes.
EPO & ForeScout.
Furthermore, the platform provides visibility tools
for understanding device adds and changes to
the network, vulnerable attack paths based on ex-
posed, orphaned, and misused credentials, and at-
tack path replay for gaining a better understanding
on how the attacker attacked and strategies he may
have used.
Network deception is out of band so there is no
network interference to deploy, and endpoints
are agentless for easy deployment.
The solution includes the ability to auto-propose decep-
tions based on machine learning of the environment,
making deployment and ongoing management simple.
71