Attivo Networks and Swimlane today announced a technology alliance partnership that brings together leading privilege escalation prevention and threat lateral movement detection with industry-leading security automation. The integration combines Attivo’s deception technology that deploys decoys to help hide critical assets with Swimlane’s automation platform. With this integration, security operations teams gain the ability to stay ahead of would-be attackers by identifying attack methods before the attack reaches its intended target.
Attivo’s deception technology tricks attackers into releasing attacks on decoy environments, leaving behind a trail of forensics. This forensic data acts as an early warning sign of attackers targeting specific assets and allows organizations to identify actual attack methods adversaries deploy against them. Security teams gain a head start to bolster defenses in critical areas, launch different decoys to learn more about the attack, or trigger an automated response using any integrated tools. Organizations can also configure Swimlane to deploy Attivo’s decoys as part of an automated workflow for immediate response.
“Visibility into where an attack is coming from and what attackers are targeting before they affect those assets is invaluable. Automated and continual monitoring of incidents during the eradication and recovery phases of incident response is a key capability that Swimlane and Attivo are providing,” said Karen Wood, VP of Global Partner Strategy at Swimlane. “By addressing alert overload, analyst churn, slow response to zero-day attacks, and efficiency issues, joint customers of Swimlane and Attivo are gaining critical insights into their risk posture and targeted remediation plans.”
Key benefits of this partnership include speed and consistency. With an automated prevention posture, Swimlane can launch responses to harden defenses at machine speeds. This faster time to resolution is critical during an attack, as each second counts. Machine-speed response also provides a much greater chance of stopping zero-day attacks. Swimlane workflows enable users to achieve a uniform response across their organization for repetitive alerts, taking human error out of the equation when these responses are required.
“Swimlane excels at helping organizations achieve more efficiency in their security operations. Through their centralization of all integrated tools and data, customers can reach across traditional product silos to take action with any integrated tool within the SOC,” said Srikant Vissamsetti, senior vice president of engineering, Attivo Networks. “Automated malware analysis is also a key benefit of our partnership. Any alert from a Swimlane integrated vendor can be automatically enriched and submitted to Attivo Networks for further analysis on any malware.”
By partnering with Attivo Networks, Swimlane is continuing to champion security operations teams by improving analyst retention and growing internal tribal knowledge. When analysts no longer have to spend their day copy-pasting, switching tools, or waiting for results to load, worker satisfaction improves. Both Attivo Networks and Swimlane are members of the McAfee MVISION Marketplace, and both have trial offerings available for free.
About Attivo Networks
Attivo Networks®, the leader in identity detection and response, delivers a superior defense for preventing privilege escalation and lateral movement threat activity. Customers worldwide rely on the ThreatDefend® Platform for unprecedented visibility to risks, attack surface reduction, and attack detection. The portfolio provides patented innovative defenses at critical points of attack, including at endpoints, in Active Directory, and cloud environments. Data concealment technology hides critical AD objects, data, and credentials, eliminating attacker theft and misuse, particularly useful in a Zero Trust architecture. Bait and misdirection efficiently steer attackers away from production assets, and deception decoys obfuscate the attack surface to derail attacks. Forensic data, automated attack analysis, and automation with third-party integrations serve to speed threat detection and streamline incident response. ThreatDefend capabilities tightly align to the MITRE ATT&CK Framework, and deception and denial are now integral parts of NIST Special Publications and MITRE Shield active defense strategies. Attivo has 150+ awards for technology innovation and leadership. www.attivonetworks.com.
About Swimlane
Swimlane is at the forefront of security automation solutions, including SOAR use cases, and was founded to deliver scalable and flexible security solutions to organizations struggling with alert fatigue, vendor proliferation, and chronic staffing shortages. Swimlane’s security automation platform helps organizations address all security operations (SecOps) needs, including prioritizing alerts, orchestrating tools, and automating the remediation of threats, improving performance across the entire organization. Swimlane is headquartered in Denver, Colo., with operations throughout North America, Central America, Europe, the Middle East, and Australia. For more information, visit www.swimlane.com.