We've unified Citrix solutions and our portfolio. Learn more .

ThreatDefend® Platform

Citrix Ready Product Image / Logo

ThreatDefend is a comprehensive, scalable detection platform designed for the early detection of external threat actors and insiders (employees, suppliers, contractors) and for accelerating incident response.

Request Product Details

Compatibility

  • Citrix Virtual Apps and Desktops service (XenApp & XenDesktop service)
  • Citrix Virtual Desktops (XenDesktop)
  • Citrix ADC (NetScaler ADC)
  • Citrix Virtual Apps (XenApp)
  • Citrix Gateway (NetScaler Gateway)

Product Details

The ThreatDefend® Deception Platform is a modular solution comprised of Attivo BOTsink® deception servers for decoys, ThreatOps® incident response orchestration playbooks, the Attivo Central Manager (ACM ) and the Informer dashboard for adversary intelligence; and the Endpoint Detection Net (EDN) suite, composed of the ThreatStrike® endpoint module, ThreatPath® for attack path visibility, and ADSecure for Active Directory defense.

Features

  • IN-NETWORK THREAT DETECTION
    Early endpoint, network, application, and data post-compromise threat detection.
  • ATTACK SURFACE SCALABILITY
    Deception for evolving attack surface: data centers, cloud, user networks, remote office, specialty networks.
  • EASY DEPLOYMENT & OPERATIONS
    Flexible deployment options and machine-learning for ongoing campaign authenticity and refresh.
  • SUBSTANTIATED ALERTS & FORENSICS
    Actionable alerts from attacker engagement or credential reuse. Full forensics for actionable response.
  • ATTACK ANALYSIS
    Automated attack analysis and correlation improves time-to-remediation.
  • THREAT INTELLIGENCE
    High interaction attacker engagement and DecoyDocs produce threat, adversary, and counterintelligence.
  • ACCELERATED INCIDENT RESPONSE
    Extensive 3rd party automations accelerate incident response to block, isolate, and threat hunt.
  • ATTACK PATH VULNERABILITY ASSESSMENT
    Understand attack path vulnerabilities based on exposed credentials and misconfigurations.
  • VISIBILITY & ATTACK MAPS
    Topographical maps for network visualization and time-lapsed attack replay.