SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Attivo solutions launch on McAfee marketplace
Mon, 16th Nov 2020
FYI, this story is more than a year old

Attivo Networks is one of the first McAfee Security Innovation Alliance (SIA) partners to be included on the new McAfee MVISION Marketplace.

The marketplace is a platform that allows customers to procure McAfee and Attivo solutions.

McAfee MVISION EDR prevents attackers from compromising an endpoint and the Attivo Endpoint Detection Net (EDN) suite prevents attackers from breaking out of an endpoint if they happen to get in.

The EDN suite complements MVISION EDR by detecting and protecting against active directory attacks, credential theft, and privilege escalation while reducing the attack surface by finding and remediating exposed credentials.

“McAfee MVISION EDR plus Attivo EDN is a comprehensive solution for superior endpoint security as evidenced by the MITRE ATT-CK framework. We are pleased to be a part of the MVISION marketplace and offer innovation for the best possible endpoint protection and lateral movement threat detection,” says Attivo Networks product management vice president Marc Feghali.

“We are excited to work with Attivo Networks on delivering pre-integrated, best in industry solutions through the MVISION Marketplace. Attivo's Endpoint Detection Net adds Credential theft protection and Active Directory Compromise Prevention to McAfee's comprehensive endpoint security and EDR solution. Through the marketplace, our customers can now easily compose a more comprehensive security solution.” adds McAfee global enterprise product strategy and alliance head Javed Hasan.

Through the marketplace, customers can try Attivo solutions before they buy and, after trials, move to production through a purchasing step.

Solutions offered through the marketplace include:

Endpoint Detection Net (EDN) Suite

A line of defence for credential protection and lateral movement detection.

The solution provides three levels of credential defence that complement EDR detection capabilities.

The first provides the ability to find and remediate exposed credentials. The second obfuscates real credentials among fake credentials that alert on attempted use. The third level of defence protects Active Directory from exploitation by hiding real AD objects and returning fake information to unauthorised queries. 

ADSecure

Organisations most interested in preventing privilege escalation and protecting administrative credentials and service accounts can choose a standalone version of ADSecure. The same technology that is available within EDN can be purchased separately.

With ADSecure, organisations conceal enterprise resource information, reduce the attack surface, and alter what the adversary sees as a means to disrupt and derail attacks.

Exposed credential visibility

As a feature within EDN, the ThreatPath functionality provides continuous monitoring and reduction of the attack surface (on-premises or in the cloud) by identifying and automatically removing exposed credentials and local and shadow admin accounts left on endpoints that attackers can use to move laterally in the network.

Security teams can also view historical data to see exposed critical paths, local administrator accounts, misconfigured SMB shares, browser credentials, and more.

Not available as a standalone offering.