Attivo Networks Deception

The aim of deception technology is to prevent a cybercriminal that has managed to infiltrate a network from doing any significant damage. The technology works by generating traps or deception decoys that mimic legitimate technology assets throughout the infrastructure. These decoys can run in a virtual or real operating system environment and are designed to trick cybercriminals into thinking they have discovered a way to escalate privileges and steal credentials. Once a trap is triggered, notifications are broadcast to a centralized deception server that records the affected decoy and the attack vectors that were used by the cybercriminal.

The Attivo Networks® BOTsink® server provides the foundation for the ThreatDefend® Deception and Response Platform. Using dynamic deception techniques and a matrix of distributed decoy systems, the entire network becomes a trap designed to deceive attackers and their automated tools. As an early warning system for in-network threats, the Attivo Networks BOTsink solution quickly and accurately detects threats that have by bypassed other security controls. The solution efficiently detects attacker reconnaissance and lateral movement without relying on known attack patterns or signatures.