SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Attivo Networks integrates with FireEye for advanced threat protection
Wed, 22nd Jul 2020

Attivo Networks has integrated its ThreatDefend solution with both FireEye Endpoint Security and FireEye Malware Analysis.

The combined solution is designed to reduce the time and resources required to detect and block attacks, while also collecting forensics to help organisations avoid future attacks.

Specifically, new capabilities allow customers to better utilise resources, analyse attacks, and remediate infected endpoints, ultimately decreasing the risk of breaches and data loss.

As cybercriminals get more focused on targeting a specific business, user account, or system, organisations need solutions that can face up to the threat, Attivo Networks states.

The latest integrations address changing critical requirements, the company states. The comprehensive solutions provide advanced threat detection and automated response as well as enhanced triage capabilities.

The Attivo ThreatDefend detection and response platform with FireEye Endpoint Security enables companies to detect and shut down attackers that are already inside the network, and expands on conventional techniques like signatures or behavioural detection.

The combined solution is designed to automatically detect and block threats and contain the attack to stop it from progressing.

It also provides visibility into attack activity and collects forensic information to help decrease the risk of future attacks, reducing response times and streamlining investigations.

The Attivo ThreatDefend detection and response platform with FireEye Malware Analysis features an integration with the Attivo BOTSink Management Server.

It automatically uploads payloads from infected decoys to FireEye Malware Analysis for review and to gather advanced forensics information to block BOTs and APTs inside the network, isolating infected systems to contain the attack and stop data exfiltration.

Attivo Networks vice president of product management Marc Feghali says, “Cyber attackers have proven that they can infiltrate infrastructures of even the most security-savvy organisations.

“Attackers have also proven that, once inside, they can evade internal security solutions and traverse the network undetected.

“By collaborating with FireEye, we are delivering combined solutions that provide organisations with automatic in-network attack detection and blocking to reduce response times, as well as the forensics they need to strengthen their defenses against future attacks.”

FireEye vice president of engineering and endpoint GM Michelle Salvado says, “Threats against organisations' networks and data continue to grow in sophistication.

“With our intelligence-led protection, detection and response capabilities, FireEye Endpoint Security delivers layered defence against known and unknown threats.

“With Attivo Networks, our joint customers benefit from advanced threat detection and automated response, along with enhanced triage capabilities, to help decrease risk.”

The integrated solutions are both available immediately. Attivo Networks specialises in deception technology, providing an active defense for early detection, forensics, and automated incident response to in-network attacks.