Additional Info

Company size (employees)Less than 100


In less than 1 year of shipping product, Attivo has validated the use case of deception for threat detection. Attivo now has over 200 organizations engaged in making deception an integral part of their security infrastructure solutions. Notably 50%+ of these are Fortune companies. The company stands out from others for the comprehensiveness of its deception platform, which provides real-time, inside-the-network threat detection for user networks, data centers, cloud (AWS, VMware), and SCADA environments.

A representative from Marvell Semiconductors has stated, “Attivo Networks developed a new approach to security that meets a significant need. The numbers of breaches are becoming an everyday occurrence and we felt our current level of network protection could use another layer of security. Their solution identifies BOTs and APTs inside our networks that have moved through our current perimeter protection and that is vital for us so we can take action before any of our data can be affected. At Marvell, we are constantly looking for new, innovative security solutions that give us the best protection throughout the network, our test labs and test instruments. But there are several capabilities we absolutely require and Attivo met them all.”

Attivo Networks highlights and recognition include

• Being named the Cloud Awards’, Security Innovation of the Year
• Being named the Cyber Defense Magazine’s, Next Gen Deception Based Security Solution for 2016
• Selected as a Security Innovation of the Year finalist for the Tech Trailblazers
• Selected as a Deception Based Security finalist for Info Security Products Guide’s Global Excellence Awards
• 2015 Emerging Technology Vendor, CRN
• Expansion of Deception Platform to detect all classes of cyber threats including reconnaissance, stolen credentials, phishing, and ransomware attacks
• Attivo BOTsink solution integration with Juniper Networks SRX series firewall and Intel McAfee Network Security Platform (Certified), Splunk, ARcSight, QRADAR.

How we are different

• Attivo Networks steps in when all other security systems have failed. The Attivo dynamic deception solution is an advanced platform designed to deceive and misdirect attackers, providing organizations the visibility and time required to foil an attack. Attivo is not reliant on known attack patterns or signatures to detect an attack. Instead, the company uses deception to lure and detect all types of cyber threats including reconnaissance, stolen credentials, phishing, and ransomware attacks across an organizations network and public, private, and hybrid cloud data center environments.

• In addition to making the entire network a trap, the deception platform has been recognized by customers and analysts for its authenticity and efficacy. Based on the use of real operating systems and dynamic deceptions, Attivo uses high interaction luring techniques to attract engagers before data can be breached. Attivo deception is based on real operating systems, full services, and golden images that can be customized so that the Attivo deception decoys can become indistinguishable from company servers, end-point, medical or industrial devices, which are traditionally hard to patch and are known for their increased vulnerabilities.

• The Attivo Deception Platform does not stop at detection alone. The Attivo AMR engine will trap a BOT or APT and run full TTP forensics so that the methods and attack information can be catalogued and analyzed in a threat intelligence dashboard, and passed to prevention systems to shut down current and prevent future attacks. Attivo provides 3rd party SIEM and infrastructure integrations to share threat intelligence, block and quarantine attackers, and thwart the efforts of attackers. Customers in fewer than 30 minutes of set up, can gain visibility into threats inside the network and with the high fidelity alerts and reporting, are easily able to run the deception platform without needing to add highly skilled resources.