- Can you outline to our readers what products, solutions, or partnership agreements you’re announcing at GITEX Global 2021?
At GITEX Global 2021, our focus will be on introducing solutions under the new category of Identity Detection and Response (IDR), an umbrella for identity-based attack detection. IDR is about protecting credentials, privileges, and the systems that manage them. IDR is different from authorisation and authentication, which focuses on ensuring the right people can access what they need.
Attivo Network’s solutions that fall under identity security are:
Identity Detection and Response (IDR) solution
The Attivo IDR solution provides detection and response capabilities for protecting credentials and Active Directory. It is endpoint-based and designed to detect lateral movement and privilege escalation. Over 42% of respondents from a 2021 ESG Endpoint Security survey stressed that protecting Active Directory is core to their endpoint defense. The Verizon 2021 Data Breach Investigation Report findings state that 81% of breaches leveraged stolen or weak passwords. Attivo offers the solution as the Endpoint Detection Net (EDN) Suite.
- It is the first line of defense against credential theft and misuse. This solution hides credentials and binds them to the applications, blocking unauthorised access. Plus, deception credentials misdirect and lure attackers into engaging and revealing themselves. By controlling the path of the attack, organisations gain the advantage of promptly detecting, analysing, and stopping an attacker.
- It prevents attackers from accessing information from Active Directory. It efficiently conceals the real objects and returns fake information when an attacker queries AD to access critical assets in the network.
Identity Visibility solution
Attivo visibility products provide unprecedented awareness to exposures, vulnerabilities, and attack paths that attacks will leverage to advance their attacks. The Verizon 2021 Data Breach Investigation Report attributes over 60% of breaches to credential theft, and findings by Gartner, Inc. state that over 95% of entitlements in the cloud never get used, which creates a massive risk for organisations. Plus, Mandiant, in their Ransomware Readiness communications, points to Active Directory exposures as the #1 reason why ransomware breaches keep occurring. These products can be purchased individually or as part of an identity visibility bundle.
- The ADAssessor solution provides continuous visibility to Active Directory (AD) exposures vulnerable to attack and detects advanced AD attacks in real-time.
- The IDEntitleX solution, a Cloud Infrastructure Entitlement Management (CIEM) offering, is designed to deliver visibility and reduce the attack surface for identities and entitlements in the cloud. The solution expands the company’s leadership position to provide unprecedented visibility and prevent identity privilege escalation and lateral movement threat activity. With this product, Attivo becomes the only solution of its kind to provide end-to-end analysis of identity and entitlement exposures and risks on endpoints, Active Directory (AD), and the cloud.
- The ThreatPath solution discovers exposed credentials throughout the network that enable lateral movement, which attackers use to move through a network searching for assets.
Identity Visibility Protection Bundle
This bundle provides customers the functionality found in both the Identity Detection and Response Bundle and the Identity Visibility Bundle. All solutions operate under a common central management console for easy upgrade and expansion, allowing seamless addition or combination with Attivo cyber deception and misdirection technologies.
- How important is it for your company to participate at GITEX Global 2021, in terms of getting to network face-to-face with your customers and partners?
Participating in GITEX Global 2021, where our channel partners and customers are present, provides us insight into maintaining our position as a leader in identity security, delivering a superior defence for preventing privilege escalation and lateral movement threat activity. In this event, we aim to have meaningful dialogues with our stakeholders and showcase our new identity security solutions, as we are the only ones providing a solution that incorporates end-to-end analysis of identity and entitlement exposures and risks on endpoints, Active Directory (AD), and the cloud.
- In your opinion, what are the key technologies that will fuel new innovations in 2022?
Gartner estimates that in 2023 three-quarters of all security breaches will result from inadequate management of identities, access, and privileges. As identity-based attacks are increasing in frequency, there is a need for a new security category that fills in the gaps in the existing identity security landscape. IDR differentiates itself from identity protection systems in that it focuses on protecting credentials, privileges, cloud entitlements, and the systems that manage them. It represents an important step forward, marking the introduction of a new category of security tools.
As modern cybercriminals attempt to exploit vulnerable credentials and entitlements to move through networks undetected, IDR solutions play a meaningful role in stopping them, whereas other tools simply cannot. And as these attackers evolve in their approach of infiltrating and moving laterally in the network, defenders will need to be innovative to detect and derail such attacks before they cause any actual harm to the organisation.