Volume 16
These are critical to protecting a network , but are not effective against new strains of malware , stolen credential attacks or the employee , contractor or supplier that already has access within the network .
In today ’ s connected society , it is imperative that government IT teams take an assumed breach security posture and augment traditional prevention technology with detection technology .
Access control and monitoring are important , but should also be augmented by detection technologies that take a different approach to pattern matching or data base look up .
Deception technology has been growing in adoption based on its efficiency in detecting in-network attackers by laying traps and lures designed to deceive attackers into revealing themselves .
Deception-based detection technology , such as Attivo Networks ’ ThreatDefend™ Deception and Response Platform , provide the eyes and ears visibility to the threats that have evaded prevention solutions .
When placed as a layer of defense inside the network along with traditional prevention security controls , this creates a formidable , comprehensive adaptive defense to prevent breaches before maturation .
September 2017 Edition
In particular , ThreatDefend provides detection of attacker reconnaissance , stolen credential , and Active Directory attacks , while providing automated attack analysis that can be used to better understand the attack and accelerate incident response .
Government organizations including DoD , civilian and the intelligence community have long qualification processes for new products , run on systems that are not easy to take off-line or run on older systems that cannot be patched , making them more vulnerable to attack .
An aggressive detection capability that lets them know when security controls fail should be a part of every agency ’ s modernization plans .
Why deception technology ? Deception accurately and efficiently detects innetwork threats that have bypassed prevention and evaded other detection security controls .
Designed for in-network detection , the solution will outmaneuver modern-day attackers and deceive them into revealing their presence .
Authentic decoys that appear identical to production assets , attractive lures , and adaptive deception campaigns make the entire network a trap and creates a setting where what is real and what is not becomes unclear to the attacker .
The ThreatDefend solution is designed for efficient , early detection of advanced cyber threats targeting sensitive government information such as employee PII , communications systems , missile systems and infrastructure such as dams and power plants .
ThreatDefend high-interaction network and endpoint deception reduces the time to detection , cutting into that critical window between attack and discovery , while automated attack analysis , high-fidelity alerts , third-party integrations , and playbooks are used to accelerate incident response .
Additionally , the ThreatDefend platform address- 32