Attivo Networks expands identity infrastructure for Azure AD
Security and lateral movement attack prevention firm Attivo Networks has announced it has expanded its identity infrastructure assessment technology for Azure Active Directory.
The new capabilities add hybrid environment support for continuous exposure visibility and provide remediation guidance for on-premises, cloud, and managed AD environments.
According to Attivo Networks, nearly 80% of attacks are caused by threat actors leveraging identity security gaps to gain privileged access and move laterally throughout the network to execute their attack plans.
The release adds to the company's existing identity security portfolio, which provides more than 200 checks for exposures that adversaries use to gain privileges, install backdoors, and proliferate malware. The new enhancement adds 15 additional automated Azure AD risk health checks and remediation guidance.
"The Attivo ADAssessor solution continues to provide essential identity exposure visibility across on-premises and cloud deployments, now including Azure AD," says Srikant Vissamsetti, senior vice president of engineering at Attivo Networks.
"Enterprises can now reduce risk by finding, fixing, and remediating exposures within AD," he says.
"Our technology limits the attackers ability to identify sensitive targets, compromise misconfigurations, move laterally, and gain persistence across hybrid environments."
Enterprise Management Associates recently analysed the rapid increase of Active Directory exploits and identity-based attacks, as well as the industry's response to this growing threat. More than 70% of organisations reported that they had accepted AD exposures due to operational concerns, and only 33% stated they believed they could defend against AD attacks in real-time. Over half of organisations surveyed plan to prioritise securing Active Directory further to defend themselves against identity-based attacks.
"With this enhanced offering, organisations can easily boost their protection of Active Directory in Azure and on-premises, gaining continuous visibility with actionable insight into exposures, and misconfiguration for domains, users, and devices," says Vissamsetti.
"ADAssessor is the gold standard for easy, scalable use, deploying without elevated privileges to a single standard workstation within the AD forest."
The solution includes a management console for analysis and management.
Attivo Networks specialise in Identity Threat Detection and Response, and protects against identity compromise, privilege escalation, and lateral movement attacks. Through data cloaking, misdirection, and cyber deception, the platform prevents attack escalation across Active Directory, cloud environments, and devices.
Attivo Networks has entered into a definitive agreement to be acquired by SentinelOne.
SentinelOne plans to extend its AI-powered prevention, detection, and response capabilities to identity-based threats with the acquisition.
Under the agreement terms, SentinelOne will acquire Attivo Networks in a cash and stock transaction valued at $616.5 million. The acquisition is expected to close in SentinelOne's upcoming fiscal second quarter, subject to regulatory approval and customary closing conditions.
The two companies say they will deliver comprehensive identity security as part of Singularity XDR for autonomous protection, including: