Volume 24
trolled system, generating a full scale forensic anal-
ysis that can be exported into popular formats.
network.
June 2018 Edition
•
There are NO legitimate reasons for
a user to communicate with the Attivo BOT-
sink Solution, so any scans or attempts to
engage it represent an attacker trying to
find and target high-value network assets.
•
If the BOTsink Solution doesn’t see
anything, you can rest assured your assets
are safe, and you have the coverage you
need to identify a BOT or APT, as soon as it
enters your network.
•
The longer a BOT or APT engages
the Attivo BOTsink Solution, the more data
it collects and analyzes to support remedi-
ation and forensics.
•
With the BOTsink Solution, you can
quickly and efficiently strengthen your
overall security and shut down BOTs and
APTs to protect your IP and brand.
The Attivo analysis engine will analyze: Defend Your Network
• The techniques and methods of the attack
• Where the attacker is and which systems are infected
• Which systems will be infected next and how to quar-
antine the spread of the attack Reporting and Automations to Block Attacks
and Quarantine Devices
The forensic ability of the Attivo decep-
tion platform allows for unparalleled vis-
ibility into any attack on your network.
Improve Incident Response
with Actionable Alerts
Substantiated Alerts Based on At-
tacker Engagement: No False Posi-
tives
The Attivo BOTsink Solution provides
accurate, actionable alerts, with the in-
telligence you need to take immediate
action and stop BOTs and APTs in your
77