Attivo Networks releases machine learning-driven deception solution
ThreatDefend platform automates deception solutions to thwart hackers
Attivo Networks has released a new machine learning-based solution which will enable organisations to deploy advanced network decoys and deception.
The new ThreatDefend platform has been designed to automate decoy generation across different environments and with the ability to scale.
The platform lowers the total cost of ownership by completely automating the deployment and maintenance of the most authentic and comprehensive deception environment. It accomplishes all of this transparently and without adding any agents to the production environment.
ThreatDefend can protect on premise, remote, and cloud operations and completely integrates into any customer's security workflow.
"To successfully outmaneuver attackers, deception solutions need to be dynamic, authentic, and enticing to an adversary," said Ray Kafity, Vice President, Middle East, Turkey & Africa at Attivo Networks. "By leveraging machine learning capabilities, Attivo Networks makes it easier than ever to deploy, manage, and operate deception by automating the creation and deployment of decoys and lures. This maintains the credibility of the environment, effectively reducing dwell time and accelerating incident response."
The ThreatDefend platform overcomes issues commonly faced by deception solutions of scalability and management challenges, or compromised authenticity for ease of use, the company said. The new solution utilises machine learning to automatically profile a network and generate a matching deception environment. The technology is able to distinguish the difference between IoT devices, SCADA environment, and an enterprise network as well as different credential naming conventions. The system continuously learns the environment to enhance deception, and can generate and execute deception campaigns automatically. The continuous learning and operation also determines when the solution needs to update or deploy new elements. It can also react to suspect behaviour and expand the deception surface. This prevents ‘fingerprinting' by attackers who would then know what to avoid.
Ultimately, behavioural deception based upon machine learning means that all deception elements can blend seamlessly into the environment and become indistinguishable from production assets; that deceptive environments can continuously evolve and scale; and that attackers cannot defeat the deception by profiling. All, with easy automated management, deployment, and operation.