Attivo Networks®, an award-winning leader in deception for cybersecurity threat detection, today announced an integration with Microsoft to further enhance detection and response for Azure IoT Edge with the ThreatDefend® platform. Since the intelligent edge is a prime target for attackers, Azure IoT Edge actively addresses these inherent risks by collaborating with innovative security companies such as Attivo who are effective at efficiently detecting attackers in these emerging environments. The integration provides customers a reliable way to quickly and confidently detect, redirect, and respond to in-network attackers.
“Efficiently detecting cloud-based attacks on containers and Internet of Things (IoT) devices remains a significant challenge for legacy security controls,” said Venu Vissamsetty, VP Security Research of Attivo Networks. “We are excited to partner with Microsoft to deliver the visibility, early detection, and accelerated response that organizations need to combat advanced attackers and leverage the maximum benefits of the Intelligent Edge.”
Michal Braverman-Blumenstyk, CTO and GM, Cloud and AI Security Division at Microsoft Corp. said, “At Microsoft, we’re committed to providing a trusted, easy-to-use platform that allows customers to securely build and unlock the value of their IoT deployments. Our collaboration with Attivo Networks strengthens the security framework of Azure Security Center for IoT Edge with effective, deception-based detection, enabling organizations to meet evolving security needs.”
Azure IoT Edge is a fully managed service built on Azure IoT Hub. Organizations can deploy cloud workloads to run on IoT edge devices via standard containers. By moving certain workloads to the edge of the network, devices spend less time communicating with the cloud, react more quickly to local changes, and operate reliably even in extended offline periods.
The joint Attivo ThreatDefend® and Azure IoT Edge solution is designed to seamlessly deploy Azure IoT modules as decoys for early and accurate threat detection. Security teams can also deploy ThreatDirect® forwarders in remote IoT edge devices from the Azure IoT Hub console and project deception at scale across the enterprise cloud, IoT, industrial, and medical networks to protect their entire infrastructure. This jointly developed solution is available in the Azure Marketplace.
The Attivo ThreatDefend® solution works by creating a fabric of deceptive assets that proactively deceive and redirect attackers into revealing their presence. When attackers target IoT edge devices, attempting to conduct reconnaissance or move laterally, they will discover assets that appear identical to production systems. Any active observation will cause the attack to be redirected into the deception environment. The solution then raises an engagement-based alert that automatically notifies the Azure Security Center. Additionally, forensics and company-specific intelligence on the attack are gathered and can be used to understand attacker methods and intent and to strengthen security defenses.
At RSAC 2020, taking place February 24 – 28 in San Francisco, Microsoft will lead a theater session detailing its collaboration with innovative security companies, titled: “Azure Security Center for IoT in Microsoft Intelligence Security Association.”
About Attivo Networks
Attivo Networks®, the leader in deception technology, provides an active defense for early detection, forensics, and automated incident response to in-network attacks. The Attivo ThreatDefend® Deception Platform provides a comprehensive and customer-proven platform for proactive security and accurate threat detection within user networks, data centers, clouds, and a wide variety of specialized attack surfaces. The portfolio includes extensive network, endpoint, application, and data deceptions designed to misdirect and reveal attacks efficiently from all threat vectors. Advanced machine-learning makes preparation, deployment, and operations fast and simple for organizations of all sizes. Comprehensive attack analysis and forensics provide actionable alerts and native integrations that automate the blocking, quarantine, and threat hunting of attacks for accelerated incident response. The company has won over 125 awards for its technology innovation and leadership. For more information, visit www.attivonetworks.com.