Attivo Networks®, the award-winning leader in deception for cybersecurity threat detection, today announced the availability of its ADSecure solution for Google Cloud’s Managed Service for Microsoft Active Directory (AD). The Google Cloud team has reviewed the Attivo solution that operates and reduces the risk of attack escalation for organizations running Active Directory with Google’s managed service.
Active Directory is estimated to be used by over 90% of businesses to organize users, computers, and services. Attackers target it frequently because it is a centralized directory that they can use to understand the network and gain the privileges that they need to advance their attacks. The requirement for open access and the availability of automated tools designed to help attackers break into AD make protecting this environment a challenge.
The Attivo ADSecure solution detects unauthorized queries within the managed AD service to reduce the risk of successful enumeration. The solution alters the query response and returns deceptive objects that misdirect attackers to a decoy when they try to use them. By detecting unsanctioned access to AD, security teams receive alerts early in the attack lifecycle, and the attacker is less likely to get the critical AD information they were seeking. Additionally, the ADSecure solution reduces the attack surface by misdirecting attackers into a deception environment that safely gathers TTPs (Tactics, Techniques, and Procedures) to aid in the development of company-specific threat intelligence and accelerated response. Further, the solution operates without altering the production AD, eliminating a critical adoption barrier presented by alternative security solutions.
“With more and more organizations moving to the cloud, there is a heightened need to protect their directory services located in the cloud,” said Marc Feghali, VP of Product Management for Attivo Networks. “For Google Cloud customers that are using a managed Active Directory service, the additional protection of ADSecure helps keep attackers from successfully querying Cloud Service Objects, domain controllers, Cloud OU resources like privileged users, computer groups, service accounts, and built-in privileged groups.”
“Customers are using our service to simplify AD deployment, management, and security in the cloud without managing infrastructure,” said Siddharth Bhai, Product Manager for Google Cloud. “They can now leverage ADSecure to further reduce the risk of attack escalations against their deployments.“
Learn more about Attivo Networks ADSecure here.
About Attivo Networks
Attivo Networks®, the leader in deception technology, provides an active defense for early detection, forensics, and automated incident response to in-network attacks. The Attivo ThreatDefend® Detection Platform provides a comprehensive and customer-proven platform for proactive security and accurate threat detection within user networks, data centers, clouds, and a wide variety of specialized attack surfaces. The portfolio includes extensive network, endpoint, application, and data deceptions designed to misdirect and reveal attacks efficiently from all threat vectors. Advanced machine-learning makes preparation, deployment, and operations fast and simple to operate for organizations of all sizes. Comprehensive attack analysis and forensics provide actionable alerts and native integrations that automate the blocking, quarantine, and threat hunting of attacks for accelerated incident response. The company has won over 125 awards for its technology innovation and leadership. For more information, visit www.attivonetworks.com.