Illusive Networks, the leader in deception-based cybersecurity solutions announced Attack Surface Manager (ASM), the first automated solution to continually reduce the attack surface, and proactively lower the likelihood of targeted cyberattack success.
Illusive ASM discovers hidden elements throughout the network that enable lateral movement and otherwise facilitate advanced attacks. In today's fast-changing business environments, it is difficult for security teams to identify and control credentials and other sensitive data elements that proliferate during normal day to day operations. ASM automatically identifies these risks, revealing policy violations, and enabling security professionals to proactively deprive attackers of the keys they need to reach critical assets.
"Nearly every security breach that I've investigated involved the theft and abuse of credentials," says Charles Carmakal, vice president of cyber incident response firm Mandiant. "ASM enables organizations to identify and decrease the exposure of credentials, reducing the ability for attackers to move laterally once in an environment."
"For years, organizations have felt at the mercy of sophisticated attackers who maneuver their network undetected for months," said Ofer Israeli, CEO, Illusive Networks. "By removing the very elements attackers need to progress, ASM stops the attack before it creates a business crisis. This significant new release continues our progress in addressing the complete advanced attack lifecycle."
In a recent CyberEdge survey, only 38% of respondents stated they were confident in their ability to avoid a successful cyberattack in the coming twelve months. ASM was developed in response to customer requirements to eliminate standing threats missed by traditional cyber defense offerings, and represents continued progress toward Illusive's vision of applying deception-based technology against all stages of advanced cyber-attacks, including prevention, detection, response, and remediation.
"Deception solutions will play a greater role in the future of enterprise threat defense," according to Gartner."Detection is often a prerequisite for higher-quality deceptions. However, organizations are beginning to use deceit to actively thwart or isolate malware botnets, threat actors, and suspicious connections."
"While some organizations may need large-scale analytics solutions or advanced threat hunting teams," Israeli continued. "These investments take time to bear fruit. We provide an extremely lightweight, nimble, and easy to deploy solution that automatically adapts to changes in the environment, and immediately enhances an organization's ability to avoid the heavy toll targeted attacks can take."
Organization using ASM preemptively manage and reduce attack risk through:
- Continuous minimization of the attack surface, even when user populations and systems are rapidly changing
- Unprecedented visibility to their access footprint and credential-related policy violations that facilitate attacker mobility
- Efficient and scalable credential management of credentials through intelligent automation
- The ability to prioritize remediation by understanding the risk and criticality of each violation
- Early detection of advanced attackers by reducing attack vectors in the environment, decreasing real credentials, and increasing the odds of detection
- Rapid correction of policy violations by both automated and manually-driven methods
Illusive ASM enhances the company's award-winning deception-based cybersecurity platform, which uses intelligent automation and machine learning to support creation, deployment, and refresh of deceptions at massive scale.
The agentless system allows swift and easy deployment of deceptions with minimal manpower required for both roll-out and daily operations. As soon as attackers attempt to use any form of deceptive information, Illusive detects and alerts enterprise security teams and integrates real-time, contextual forensic data directly into the incident record, enabling rapid and informed incident analysis and response.
"The combination of ASM's ability to reduce the exposure of credentials in advance of attacks, with Illusive's existing ability to plant convincing and realistic deceptions throughout an environment, will help organizations better prepare for attacks, and detect threat actors earlier in the attack lifecycle," concluded Carmakal. "Illusive continues to innovate technology that helps organizations reduce their attack surface and mitigate the risk of data breaches."
Over the past 12 months, Illusive has received recognition by The Wall Street Journal in its inaugural Tech Companies to Watch, was honored as a finalist in CRN's Tech Innovators Awards, named as one of CRN's '25 Coolest Network Security Vendors', by Momentum Partners as one of ten cybersecurity companies on their Watch List and more recently, by InformationWeek as a Top Vendor to Watch in 2018. The company recently announced high 2017 growth with industry-wide implementation from Fortune 50 customers alongside an expansion of their executive leadership team.