sb-as logo
Story image

Attivo Networks & SentinelOne combine endpoint security offerings

03 Dec 2020

Attivo Networks and SentinelOne have teamed up to combine cybersecurity defences and stop attackers in their tracks.

The two companies will combine their solutions, bringing endpoint protection and attack disruption together as a joint solution to the market. Furthermore, Attivo Networks has also joined the SentinelOne Singularity Partner Program.

“We are proud to work with SentinelOne and join the company’s Singularity Partner Program to help bolster endpoint security with Active Directory protection, credential theft detection, and credential exposure prevention,” says Attivo Networks A/NZ regional director Jim Cook. 

SentinelOne’s Singularity XDR platform provides endpoint protection, endpoint detection, and response, as well as IoT security, cloud security, and IT operations capabilities.
Attivo Networks’ Endpoint Detection Net protects Active Directory and credentials on endpoints, preventing attacks against these, as well as privilege escalation.

When used together, the SentinelOne XDR platform prevents attackers from compromising an endpoint while the Attivo EDN suite prevents attackers from breaking out of that endpoint if they manage to get in, the two companies explain.

“The Attivo EDN solution is a perfect complement to the SentinelOne Singularity XDR platform and will seamlessly add visibility to credential-based attacks, deny the adversary access to the data they seek, and derail them with misinformation every step of the way,” says Cook.

Active Directory protection, ADSecure, includes alerts when an attacker queries Active Directory, and also provides misinformation to lure the attacker away from the genuine production environment to slow or stop attacks. This protection happens from the endpoint, without touching production AD Domain Controllers.

The joint solution includes Attivo EDN, which operates on the endpoint. With the help of machine learning to create authentic-looking credentials that look like what employees use, the solution lures attackers in and diverts them away from real assets.

The Attivo EDN suite also provides continuous monitoring and reduction of the attack surface by identifying and automatically removing exposed credentials and local and shadow admin accounts left on endpoints that attackers can use to move laterally in the network. 

Security teams can also view historical data to see exposed critical paths, local administrator accounts, misconfigured SMB shares, browser credentials, and other information. 

“ It takes little effort to deploy, so even organisations without a mature visibility program can immediately benefit from understanding their credential-based vulnerabilities and an attacker’s opportunities for lateral movement,” the companies explain.

 Attivo Networks has joined the SentinelOne Singularity Partner Program, which enables the two companies to sell and support customers. 
 

Story image
Pandemic sees organisations of all sizes and industries invest in CTI
There is opportunity for organisations to better manage their cyber-threat intelligence for greater security and threat intelligence effectiveness by adopting the right tools and processes.More
Story image
Software-based facial recognition in payments industry to dominate by 2025
There will be more than 1.4 billion users of facial recognition software used for payments alone in 2025, up from 671 million in 2020.More
Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
97% of organisations experienced a mobile threat in 2020 — report
93% of these attacks originated in a device network, which includes attempts to trick users into installing a malicious payload via infected websites or URLs, or to steal users’ credentials.More
Story image
Users becoming more savvy with COVID phishing scams
“With COVID-19 being around for over a year now and employees becoming more aware of the types of scams that have come out related to the pandemic, cyber criminals are having less success with related phishing attacks."More