Symantec Corp. (NASDAQ: SYMC) has announced the acquisition of†Javelin Networks, a privately held company that offers advanced software technology to defend enterprises against Active Directory-based attacks.
Microsoft Active Directory (AD) services have become an increasingly popular target for attackers, who use AD reconnaissance to discover the users, servers, and computers in an enterprise network and then move laterally across the network using this information to carry out multi-stage attacks. Recently, multiple major advanced persistent threat (APT) campaigns†have used AD credentials†to move laterally in the network beginning with a single compromised endpoint. This challenge is pervasive, as a large number of enterprises worldwide use AD services to manage their users, applications, and computers.
To counter those threats, Javelin Networks was founded by Red Team post-exploitation experts with a mission to protect every machine in the world connected to Active Directory. They developed software to protect AD and commonly-used domain resources, including domain controllers, domain identities, and domain credentials. Javelin Networks’ advanced technology can detect AD misconfigurations and backdoors and help prevent AD reconnaissance and credentials misuse by authorized devices and applications.
Starting today, the Javelin Networks team and its technology is part of Symantec’s endpoint security business. The privately held company was founded in 2014 and has employees based in Israel and the U.S. The company’s AD | Protect and AD | Assess products have won†several industry awards†from SC Magazine and others.
“In the cloud generation, identity management services, such as Active Directory, are a critical part of a user’s interaction with their organization’s applications and services. They are also a critical information repository that attackers regularly exploit,” said Javed Hasan, senior vice president of endpoint and data center products, Symantec. “The addition of Javelin Networks technology to our industry-leading endpoint security portfolio gives Symantec customers a unique advantage in one of the most vulnerable and critical areas of IT infrastructure. Most importantly, it can help expose exploitable backdoors in AD and stop attacks at the point of breach while preventing lateral movement.”
This acquisition further strengthens the industry’s most comprehensive†endpoint security stack†in a single-agent architecture. As one of four critical control points of the company’s†Integrated Cyber Defense Platform, Symantec Endpoint Protection (SEP) helps customers meet the challenges of the cloud generation by simplifying and optimizing their environments, helping to lower costs, and improving security.
Over the past two years, Symantec has made significant investments to bring innovation to its endpoint security portfolio, further enhancing the company’s ability to protect the broadest spectrum of modern endpoints and operating systems (e.g. iOS, Android). Symantec furthered its commitment to endpoint innovation with the acquisition of Appthority , a privately held company that offers comprehensive Mobile Application Security Analysis. Recent product additions to Symantec’s endpoint security portfolio include SEP Hardening Application Isolation, deception and Targeted Attack Analytics. Adding Javelin technology strengthens Symantec’s endpoint controls offering, further enhancing the company’s ability to protect modern and traditional endpoints (e.g. iOS, Android) from a single vendor and extending its leadership in endpoint security (Symantec is named a leader in the latest†Gartner Magic Quadrant for Endpoint Protection Platforms†and†Forrester Wave for Endpoint Security Suites, and†AV-Test Institute Best Protection Awards).