Attivo brings deception technology to Amazon Web Services

Technology lures attackers to decoy machines to find out what mischief they are up to

attivo-brings-deception-technology-to-amazon-web-services

A new U.S. National Institute of Standards and Technology guide for electric utilities offers ways they can shore up their cybersecurity efforts.

Credit: IDGNS

Attivo Networks, a startup launched last year, has upgraded its deception technology so businesses can deploy it within the portion of their corporate cloud that is hosted by Amazon Web Services.

That means customers can lure attackers to what looks like legitimate physical and virtual machines among their production AWS resources. It lets attackers carry out their exploits harmlessly to see what damage they are trying to do. This information can be used to find instances of the attack against real physical and virtual machines that are in use.

+More on Network World: FBI: Major business e-mail scam blasts 270% increase since 2015+

Along with support for AWS, the company is introducing an upgraded management system that gives a single view of all the Attivo devices deployed in a single business network rather than viewing one at a time.

The Attivo platform, called BOTSink, inserts decoy machines into every VLAN on the network to detect when threats scan for vulnerable machines, says Attivo CEO Tushar Kothari. The decoy machines are outfitted with a range of operating systems and can be customized with a full set of the standard-build applications on endpoints. Botsink can be a plug-in appliance or a virtual appliance.

Part of the platform called Information Relay Entrapment System spreads breadcrumbs to attract attackers – cookies in cache and other artifacts that make the decoys seem more real to attackers’ scanning tools. “It makes it very difficult for anyone to differentiate them from real, used machines,” Kothari says.

Attivo gear can integrate with other customer security devices such as SIEMs, firewalls, IDSs and IPSs.

The company was founded in 2011 by B.J. Shanker (VP Operations), Mano Murthy (SVP Global Operation) and Marc Feghali, (VP Product Management). Shankar and Murthy cofounded Allegro Systems, which was acquired by Cisco. Feghali has worked or Cisco, 3Com and Compaq.

The company, whose name means active in Italian, has been shipping products for three quarters. It is based in Freemont, Calif., and is funded with $8 million from Bain Capital.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.