product-logo

ThreatDefend® Platform

Attivo Networks  |  Website

ThreatDefend is a comprehensive, scalable detection platform designed for the early detection of external threat actors and insiders (employees, suppliers, contractors) and for accelerating incident response.

Request Product Details

Compatibility

  • down-arrow Citrix Virtual Apps and Desktops service (XenApp & XenDesktop service)
    Citrix Virtual Apps and Desktops service
  • down-arrow Citrix Virtual Desktops (XenDesktop)
    1903, 1906, 1909, 1912 LTSR, 2003
  • down-arrow Citrix ADC (NetScaler ADC)
    10.5 VPX, 10.5 MPX, 11.1 VPX, 11.1 MPX, 12.0 VPX, 12.0 MPX, 12.1 VPX, 12.1 MPX, 13.0 VPX, 13.0 MPX
  • down-arrow Citrix Virtual Apps (XenApp)
    1903, 1906, 1909, 1912 LTSR, 2003
  • down-arrow Citrix Gateway (NetScaler Gateway)
    10.5, 11.1, 12.0, 12.1, 13.0

Product Details

The ThreatDefend® Deception Platform is a modular solution comprised of Attivo BOTsink® deception servers for decoys, ThreatOps® incident response orchestration playbooks, the Attivo Central Manager (ACM ) and the Informer dashboard for adversary intelligence; and the Endpoint Detection Net (EDN) suite, composed of the ThreatStrike® endpoint module, ThreatPath® for attack path visibility, and ADSecure for Active Directory defense.

Features

  • IN-NETWORK THREAT DETECTION
    Early endpoint, network, application, and data post-compromise threat detection.
  • ATTACK SURFACE SCALABILITY
    Deception for evolving attack surface: data centers, cloud, user networks, remote office, specialty networks.
  • EASY DEPLOYMENT & OPERATIONS
    Flexible deployment options and machine-learning for ongoing campaign authenticity and refresh.
  • SUBSTANTIATED ALERTS & FORENSICS
    Actionable alerts from attacker engagement or credential reuse. Full forensics for actionable response.
  • ATTACK ANALYSIS
    Automated attack analysis and correlation improves time-to-remediation.
  • THREAT INTELLIGENCE
    High interaction attacker engagement and DecoyDocs produce threat, adversary, and counterintelligence.
  • ACCELERATED INCIDENT RESPONSE
    Extensive 3rd party automations accelerate incident response to block, isolate, and threat hunt.
  • ATTACK PATH VULNERABILITY ASSESSMENT
    Understand attack path vulnerabilities based on exposed credentials and misconfigurations.
  • VISIBILITY & ATTACK MAPS
    Topographical maps for network visualization and time-lapsed attack replay.