Receive awards updates:

Promote this Nomination

  • Company (that provides the nominated product / solution / service): Attivo Networks
  • Website:
  • Company size (employees): 100 to 499
  • Country: United States
  • Type of solution: Hybrid
  • Approximate number of users worldwide: Attivo has customers in the triple digits and has deployed deception on millions of endpoints.

What other awards did this nomination receive in the previous 12 months?

•Attivo Networks Deception Technology Wins Six Awards in the 12th Annual 2017 IT World Awards® (
•Attivo Networks Selected as a Top 50 Bay Area Cybersecurity Company (
•Attivo Networks Named a CRN Emerging Vendor, Its 14th Award Recognition for 2017 (
•Attivo Networks Strikes Gold in Ninth Annual 2017 Golden Bridge Awards® (
•Attivo Networks Receives 2017 Best of Fremont Award (
•Attivo Networks Named a 2018 TAG Distinguished Vendor (
•Attivo Networks Named Cloud Security Startup of the Year by CyberSecurity Breakthrough Awards (
•Attivo Networks Recognized as a Softshell Vendor (
•Attivo Networks Named a Cybersecurity Leader of 2017 by Cyber Defense Magazine (
•Attivo Networks Recognized as an Emerging Network Security Vendor (
•Attivo Networks Honored with Three 2017 ASTORS Homeland Security Awards (
•Attivo Networks Named Winner of Prestigious Red Herring Top 100 Global Award (
•Attivo Networks Wins Cybersecurity Excellence Awards in Three Categories (
•The Home Depot Receives 2018 CSO50 Award from IDG’s CSO Magazine (
•Attivo Networks Wins Two Awards in the 14th Annual Info Security PG’s 2018 Global Excellence Awards (
•Attivo Networks Named One of the 10 Best Tech Startups in Fremont (
•Attivo Networks Featured in CRN’s 2018 Partner Program Guide (
•Attivo Networks Wins Two Awards in Cyber Defense Magazine’s 2018 InfoSec Awards (
•Attivo Networks Recognized as a 2018 Bay Area Best Place to Work (
•Carolyn Crandall of Attivo Networks Named to 2018 CRN Women of the Channel Power 100 List (
•Carolyn Crandall Inducted into DMN Marketing Hall of Femme 2018 (
•Attivo Networks Sweeps the 13th Annual IT World Awards 2018 (

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

•Attivo Networks is unique in that it provides all forms of deception including endpoint, network, application, services, and data. The company’s ThreatDefend platform also goes further than others in not only reducing attacker dwell time but improving mean time to respond with a built-in attack analysis engine and extensive native integrations (30+) that empower automated incident response and attack information sharing. Attivo Networks is also unique in that it is the only company to cover all attack surfaces including data centers, cloud, user networks, remote office, IOT, ICS, POS, Medical IOT, network, and telecommunications infrastructure. In addition, Attivo technology is not inline and doesn’t require an agent to deploy on the endpoint. Given its design, the solution is highly scalable and can cross multiple VLANs. There are NO VLAN limitations and the technology supports next-generation serverless data centers. Attivo is customer-proven in large global deployments, midmarket, and has deployed millions of endpoint deception solutions deployed.
•Attivo Networks provides the highest levels of mirror-match authenticity with over 50+ out of the box operating systems, applications, and services to choose from. Additionally, an organization can run its own golden image production software for the greatest levels of authenticity. Machine-learning is then applied to automatically generate deception campaigns, automate deployment, and provide automated operations. It makes managing deception exceptionally simple while maintaining freshness and authenticity. Additionally, Attivo credentials can validate in Active Directory and DNS so that the attacker cannot tell real from fake credentials or decoys.
•Attivo Networks is the only provider with its own built-in attack and malware analysis engine. This is used to automatically correlate, report, and automate incident response based upon captured attack information. Substantiating alerts based on attacker engagement removes false positives and makes response actionable as all the information is provided to efficiently block, quarantine, and threat hunt.


Attivo Networks® deserves this award recognition for its innovative approach to an Active Defense that’s based upon deception for early attack detection and threat-, adversary-, and counter-intelligence to accelerate and automate incident response.

The Attivo ThreatDefend platform starts with deception, providing eyes-in-the-network visibility to threats that have bypassed perimeter security controls. Decoys that appear identical to production assets (OS, application, services, network characteristics) and credential lures with breadcrumbs work in sync to attract attackers during lateral movement, reconnaissance, and credential theft. Upon attacker engagement or use of deception bait, a high-fidelity alert is raised and attacker’s movements for deep analysis and forensics are recorded. Organizations can automatically block and isolate threats immediately or opt to collect additional adversary intelligence within the safety of the deception environment. The platform uses high-interaction deception to capture all attack activity, including TTPs and IOCs and can show time-lapsed attack replays.

Attivo also provides complete counterintelligence capabilities through DecoyDocs, deceptive data loss tracking (DLT) documents that generate detection and geolocation alerts when stolen and opened. Collectively, this gives the SOC team a thorough understanding of attacker capabilities, goals, and motivation – while attackers think that they are escalating the attack. Organizations can then take this intelligence and use it to strengthen their overall security posture and/or turn over to law enforcement.

Security teams are also finding tremendous value in deception for “silent” threat hunting. Post-compromise, this allows teams to strategically place deception to determine if threats are eradicated and to set additional traps in the event the attacker tries to return. On average, an attacker has 100 days in which to discover your systems, harvest data, review files, modifying data sets, exfiltration… Anything and everything they need to return. Deception can promptly alert you if they do.


Sign Up for
Cybersecurity Excellence Awards Updates

Sign up for your award updates! Join thousands of cybersecurity marketers and professionals to receive the latest news about the upcoming Cybersecurity Excellence Awards.

Sign Up for
Cybersecurity Excellence Awards Updates

Sign up for your award updates! Join thousands of cybersecurity marketers and professionals to receive the latest news about the upcoming Cybersecurity Excellence Awards.