SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Attivo Networks announces SentinelOne integration to increase threat protection
Fri, 30th Apr 2021

Attivo Networks has released a new integration for the Attivo EDN Suite with SentinelOne's Singularity XDR platform.

A new integration

The Attivo Endpoint Detection Net (EDN) solution detects credential and privilege escalation attacks, then sends the alert data to the SentinelOne XDR platform, which automatically quarantines the infected endpoint.

Combining the two solutions accelerates incident response and reduces the mean-time-to-respond or remediate, Attivo states.

As such, joint customers can prevent endpoint compromises and disrupt attacker attempts to gather credentials and perform reconnaissance activities needed for lateral movement, the company states.

The integrated solution creates a defence against sophisticated attackers and provides comprehensive coverage across a broad set of attack techniques, as documented in the MITRE ATT&CK matrix.

SentinelOne's Singularity XDR platform

With its Singularity XDR platform, SentinelOne is an expert in Endpoint Protection (EPP), Endpoint Detection and Response (EDR), IoT security, and cloud security.

The platform delivers NGAV and behavioural AI to stop known and unknown threats, differentiated endpoint protection, endpoint detection and response, IoT security, cloud security, and IT operations capabilities.

These capabilities consolidate multiple existing technologies into one comprehensive solution with a single agent, the company states.

With this integration, Attivo customers benefit from SentinelOne's AI and behavioural engines to further prevent lateral propagation activity.

SentinelOne provides behavioural post-exploitation engines that capture privilege escalation, injections, credential theft and other techniques.

Attivo Networks' Endpoint Detection Net Suite

The Endpoint Detection Net (EDN) Suite confirms Attivo Networks' expertise in protecting Active Directory (AD) and credentials on endpoints, both of which are prime targets for modern cyber-attacks.

The EDN solution provides SentinelOne customers with an effective way to detect and prevent attacks against Active Directory, credential theft and privilege escalation while reducing the attack surface by removing exposed credentials.

Commentary from the executive team

Attivo Networks senior vice president of engineering Srikant Vissamsetti says, "The Attivo EDN solution is a perfect complement to the SentinelOne Singularity XDR platform.

"It seamlessly adds visibility to credential-based attacks, denies the adversary access to the data they seek, and derails them with misinformation every step of the way.

"Plus, joint customers gain visibility into exposed, orphaned or misused credentials on an endpoint and efficiently remove attack paths that adversaries could leverage."

SentinelOne SVP corporate and business development, Chuck Fontana, says, "The combination of SentinelOne's Singularity XDR Platform with Attivo's EDN provides a unified solution for detecting, disrupting, and responding to credential and privilege escalation attacks."

About Attivo Networks

Attivo Networks specialises in lateral movement attack detection and privilege escalation prevention, focusing on delivering a superior defence for countering threat activity.

Through cyber deception and other tactics, the Attivo ThreatDefend Platform offers a scalable solution for denying, detecting, and derailing attackers and reducing attack surfaces without relying on signatures.

The portfolio provides defences at critical points of attack, including at endpoints, in Active Directory, in the cloud, and across the entire network by preventing and misdirecting attack activity.