Attivo Networks and ForeScout Team Up For Real-Time Threat Detection

kdb_training_bootcampAttivo Networks has announced a partnership and technology integration with ForeScout Technologies, Inc., a provider of agentless cybersecurity.

The combined solution will provide real-time detection of cyber-attacks and will automatically update the ForeScout CounterACT solution. The integration is designed to “dramatically reduce incident response time and provide customers the ability to help prevent the exfiltration of company data and the spread of infection to other devices,” according to a press release.

The Attivo Deception Platform has two primary products which both integrate with ForeScout CounterACT: the BOTsink management platform, which is designed to provide inside-the-network threat detection, attack analysis, and forensics, and the Attivo End-Point Deception Suite, which provides the end-point deception lures used to “deceive and misdirect attackers.”

The integration with the BOTsink management platform includes the detection of all vectors of cyber-attack including reconnaissance, stolen credentials, phishing, ransomware and multi-stage exploit kits. Attack information gathered from engagement with an attacker is analyzed and automatically communicated to CounterACT for the automated blocking of data exfiltration and communications with Command and Control, and to quarantine the infected device from the network so that additional systems do not become infected.

Integration with the Attivo End-point Deception Suite and CounterACT provides an additional option to expedite and simplify the deployment of the Suite for large-scale end-point deployments. Integrations with Microsoft Active Directory and Casper are also available deployment options.

“Cyber-attackers have had the historical benefit of being able to run under the radar, which has given them time to mount their attacks,” said Tushar Kothari, CEO of Attivo Networks. “Together with ForeScout Technologies, we remove this advantage by detecting the attacker’s presence in real time and stopping the attacker in their tracks by instantly quarantining them off the network. This is invaluable to protecting organizations from ransomware and other attacks designed to spread quickly through a network.”

Endpoint_Buyers_Guide_No_DLDon’t Get Hacked. 

Compare Top Endpoint Security Providers with the 2016 Endpoint Security Buyer’s Guide.

  • 24 Vendor Profiles and Capabilities References
  • 10 Top Questions for Buyer’s
  • Complete Market Overview
Download
Follow Jeff

Jeff Edwards

Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff

Leave a Reply

Your email address will not be published. Required fields are marked *