Volume 24
June 2018 Edition
The ThreatDefend platform is recognized for its comprehensive network and endpoint-based deception, which turns user net-
works, data centers, cloud, remote offices, and even specialty environments such as IOT, ICS-SCADA, point-of-sale, telecom, and
network infrastructure systems into traps and a “hall of mirrors” environment that will confuse, misdirect, and reveal the presence
of attackers.
Attivo ThreatDefend Deception and Deception Authenticity and Campaigns
Response Platform at a Glance
Camouflage for Dynamic Behavioral Deception
Comprehensive Deception and Decoy
Discover, assign, and refresh decoys, credentials, and
attacker bait dynamically with automated, self-learn-
Make the Entire Network a Trap to Confuse and
ing deception campaigns.
Misdirect Attackers into Revealing Themselves
• Intelligent deployment of deceptive assets to match
• Decoys appear identical to production assets, luring
the behavior of a user’s network.
attackers into revealing themselves.
• Continuously monitor, evolve, refresh, deceptive cre-
• Decoy configurations run real Linux, Mac, and Win-
dential and lures.
dows OS and are customizable to match the “golden
• Self-healing technology dynamically respins decoys
image” of the production environment.
after engagement, preventing attacker fingerprinting
• Deception lures (bait) redirect attackers trying to infect
and identification.
endpoints, servers/VMs to engagement servers for de-
tection.
• Bait includes deception credentials, ransomware bait, Automated Deception Campaign De-
ployment
75
and other deception lures.