Attivo Networks Covers 27 out of the 33 Defense Techniques Identified in MITRE Shield

Company Delivers the Most Comprehensive Active Defense with Detection Coverage for 123 of the 190 MITRE Shield Use Cases


Attivo Networks®, an award-winning leader in cyber deception and attacker lateral movement threat detection, today announced that its solutions provide organizations with a vast majority – 82 percent – of the active defense measures presented in MITRE Shield. The ThreatDefend® Platform components – ADSecure™, BOTsink®, and Endpoint Detection Net (EDN) – represent the industry’s most comprehensive threat detection coverage, providing organizations with 27 of the 33 defensive techniques identified by MITRE. Additionally, these solutions provide an active defense for 123 of 190 MITRE Shield use cases.

According to the organization’s website, “MITRE Shield is a publicly available, free knowledge base of common techniques and tactics that can help experts take proactive steps to defend their networks and assets.” MITRE Shield presents active defense concepts in much the same way that MITRE ATT&CK® presents offensive ones, and using the two together enables organizations to create active defense playbooks that address specific adversaries.

“Attivo Networks offers solutions that are purpose-built to defend in ways MITRE highlights in Shield,” said Nitin Jyoti, Attivo Networks vice president of product management. “The company’s portfolio of products is ideal for creating an active defense and is designed to drive adversaries to take actions that reveal their tactics and tools early in the attack lifecycle.”

Cyber deception is renowned for its ability to create an active defense. Unlike other forms of deception solutions, the Attivo ThreatDefend platform provides comprehensive attack prevention and detection capabilities that enable it to cover not only decoy techniques, but also a wide variety of other methods. The platform proactively diverts attackers away from their targets with fake information that misdirects them to decoys. Through denial of access, it can also conceal critical information such as Active Directory objects, data, and file storage systems and prevent an attacker from obtaining it. With the ability to control the path of the attacker into a decoy, defenders can gather the valuable insights that they need to understand their adversary’s tools and techniques, as well as intent.