Attivo Networks ThreatDefend Deception and Response Platform
Promote this Nomination
Photo Gallery
![]() |
Attivo Networks ThreatDefend Deception and Response Platform

Additional Info
Company (that provides the nominated product / solution / service) | Attivo Networks |
Website | https://attivonetworks.com |
Company size (employees) | 100 to 499 |
Type of solution | Hybrid |
In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:•Attivo Networks is unique in that it provides all forms of deception including endpoint, network, application, services, and data. The company’s ThreatDefend platform also goes further than others in not only reducing attacker dwell time but improving mean time to respond with a built-in attack analysis engine and extensive native integrations (30+) that empower automated incident response and attack information sharing. Attivo Networks is also unique in that it is the only company to cover all attack surfaces including data centers, cloud, user networks, remote office, IOT, ICS, POS, Medical IOT, network, and telecommunications infrastructure. In addition, Attivo technology is not inline and doesn’t require an agent to deploy on the endpoint. Given its design, the solution is highly scalable and can cross multiple VLANs. There are NO VLAN limitations and the technology supports next-generation serverless data centers. Attivo is customer-proven in large global deployments, midmarket, and has deployed millions of endpoint deception solutions deployed. |
Brief Overview
A day doesn’t go by without finding an article on the impending threat to the energy sector and a country’s critical control operations. The National Cybersecurity & Communications Integration Center even produced a report on 7/25/18 on Russian Activity Against Critical Infrastructure. The threat risk for an industrial control systems attack can be as high-profile attack on the energy grid or found in less obvious places like universities, casinos, and even sports centers which often operate with similar infrastructure to that of a small city. Based on its deception successes, Attivo has had numerous discussions with enterprise, education, and government agencies on how to improve the state of cyber detection within ICS-SCADA environments. Attivo has also worked with these organizations on deploying threat deception and on how they can apply deception to their NIST 800-82 Revision 2 requirements in order to strengthen their overall security posture and comply with security expectations and regulation.
Adoption of the ThreatDefend™ platform for ICS-SCADA environments continues to soar based upon its unique ability to provide early detection and accelerate incident response. The solution is designed for threat detection on ICS-SCADA devices used to monitor and control manufacturing operations and critical infrastructure across a wide variety of industries. The ThreatDefend™ BOTsink solution creates mirror-match decoys so that customers gain early and accurate threat detection for businesses, process controls, and field sensors. The solution provides a powerful detection control for insiders, external, and third-party threats as they attempt to move laterally through the network.
Regardless of the attacks origin: a phishing email, USB device, or through another point of access, the deception platform sets traps and provides the visibility required to quickly detect and block an attack. The platform also gathers full forensics and automates attack analysis for accelerated incident response.