Attivo Networks, a provider of cybersecurity threat detection, is integrating with Microsoft to further enhance detection and response for Azure IoT Edge with the ThreatDefend platform. The integration provides customers a reliable way to quickly and confidently detect, redirect, and respond to in-network attackers.
“Efficiently detecting cloud-based attacks on containers and Internet of Things (IoT) devices remains a significant challenge for legacy security controls,” said Venu Vissamsetty, VP security research of Attivo Networks. “We are excited to partner with Microsoft to deliver the visibility, early detection, and accelerated response that organizations need to combat advanced attackers and leverage the maximum benefits of the Intelligent Edge.”
The joint Attivo ThreatDefend and Azure IoT Edge solution is designed to seamlessly deploy Azure IoT modules as decoys for early and accurate threat detection.
Security teams can also deploy ThreatDirect forwarders in remote IoT edge devices from the Azure IoT Hub console and project deception at scale across the enterprise cloud, IoT, industrial, and medical networks to protect their entire infrastructure. This jointly developed solution is available in the Azure Marketplace.
The Attivo ThreatDefend solution works by creating a fabric of deceptive assets that proactively deceive and redirect attackers into revealing their presence.
When attackers target IoT edge devices, attempting to conduct reconnaissance or move laterally, they will discover assets that appear identical to production systems. Any active observation will cause the attack to be redirected into the deception environment.
The solution then raises an engagement-based alert that automatically notifies the Azure Security Center. Additionally, forensics and company-specific intelligence on the attack are gathered and can be used to understand attacker methods and intent and to strengthen security defenses.
Azure IoT Edge is a fully managed service built on Azure IoT Hub. Organizations can deploy cloud workloads to run on IoT edge devices via standard containers.
By moving certain workloads to the edge of the network, devices spend less time communicating with the cloud, react more quickly to local changes, and operate reliably even in extended offline periods.
For more information about this news, visit https://attivonetworks.com/.