The combination of security automation workflows and deception technology empowers organizations to get ahead of would-be cyber attacks
Attivo Networks and Swimlane today announced a technology alliance partnership that brings together leading privilege escalation prevention and threat lateral movement detection with industry-leading security automation. The integration combines Attivo’s deception technology that deploys decoys to help hide critical assets with Swimlane’s automation platform. With this integration, security operations teams gain the ability to stay ahead of would-be attackers by identifying attack methods before the attack reaches its intended target.
Attivo’s deception technology tricks attackers into releasing attacks on decoy environments, leaving behind a trail of forensics. This forensic data acts as an early warning sign of attackers targeting specific assets and allows organizations to identify actual attack methods adversaries deploy against them. Security teams gain a head start to bolster defenses in critical areas, launch different decoys to learn more about the attack, or trigger an automated response using any integrated tools. Organizations can also configure Swimlane to deploy Attivo’s decoys as part of an automated workflow for immediate response.
Recommended ITech News: neutrality.one and SmartCIC partner to Connect Multi-National Corporations in Asia, Europe and North America with SDWAN
“Visibility into where an attack is coming from and what attackers are targeting before they affect those assets is invaluable. Automated and continual monitoring of incidents during the eradication and recovery phases of incident response is a key capability that Swimlane and Attivo are providing,” said Karen Wood, VP of Global Partner Strategy at Swimlane. “By addressing alert overload, analyst churn, slow response to zero-day attacks, and efficiency issues, joint customers of Swimlane and Attivo are gaining critical insights into their risk posture and targeted remediation plans.”
Key benefits of this partnership include speed and consistency. With an automated prevention posture, Swimlane can launch responses to harden defenses at machine speeds. This faster time to resolution is critical during an attack, as each second counts. Machine-speed response also provides a much greater chance of stopping zero-day attacks. Swimlane workflows enable users to achieve a uniform response across their organization for repetitive alerts, taking human error out of the equation when requiring these responses.
Recommended ITech News: Nifty Games Raises $38 Million in New Capital to Redefine Mobile Sports Games as NFL Clash and NBA Clash Move Towards Worldwide Release
“Swimlane excels at helping organizations achieve more efficiency in their security operations. Through their centralization of all integrated tools and data, customers can reach across traditional product silos to take action with any integrated tool within the SOC,” said Srikant Vissamsetti, senior vice president of engineering, Attivo Networks. “Automated malware analysis is also a key benefit of our partnership. Any alert from a Swimlane integrated vendor can be automatically enriched and submitted to Attivo Networks for further analysis on any malware.”
By partnering with Attivo Networks, Swimlane is continuing to champion security operations teams by improving analyst retention and growing internal tribal knowledge. When analysts must no longer spend their day copy-pasting, switching tools, or waiting for results to load, it improves worker satisfaction. Both Attivo Networks and Swimlane are members of the McAfee MVISION Marketplace, and both have trial offerings available for free.
Recommended ITech News: Kroll Partners with SentinelOne to Accelerate Investigations and Response to Ransomware and Advanced Attacks