Illusive Networks, the leader in human-driven cyberattack detection and response, released the Attack Surface Manager Spotlight Edition, a turnkey solution that provides security teams with the ability to quickly discover, visualize and remove a variety of high-risk cached credential and connection information that fuel targeted ransomware attacks and allow attackers to 'live off the land' after breaking into company networks.
In recent high-profile attack threats such as Ryuk and LockerGoga, cybercriminals used specialized hacking tools including Metasploit, Cobalt Strike and Mimikatz to mine cached credentials and connections, which they then leveraged to reach critical assets. Illusive Network's new Attack Surface Manager Spotlight Edition gives every organization – regardless of size or budget – the ability to stop these types of attacks by finding and eliminating errant credential and connection information before the attack begins.
"These new attacks are not more sophisticated, but they are far more insidious," said Ofer Israeli, founder and CEO of Illusive Networks. "They use the same hacker tools and lateral movement techniques we've seen previously, but now instead of stealing data or assets, the attackers are planting ransomware with potentially life-threatening ramifications. With these escalating threats, it's futile to chase one malware variant after another, struggling to develop an antidote for each. We must stop attackers before they reach their targets and plant this poison."
Experts have long suspected credentials and connections were at the heart of these threats, but until the release of Attack Surface Manager, users had no effective mechanism to find and remove them. The ASM Spotlight Edition gives users detailed visibility into specific vulnerabilities most often exploited by attacker tools, including systems with direct access to crown jewels, pathways to crown jewels, shadow admins, domain admins, user credentials, local admins and more.
The ASM Spotlight Edition program is designed to ensure rapid widespread access to these powerful capabilities via a turnkey package including professional services and software licensing. Users receive an instant evaluation of their risk level and the state of cyber hygiene, with actionable recommendations for immediately reducing these threats. Special solution pricing offers unlimited reports for up to 2000 endpoints and 100 automated cleaning actions, at a price that enables department level signoff. To further speed adoption, the solution is offered with a full trade-up credit towards service expansion. Additionally, for customers in high-risk situations, Illusive will commit to deliver the first risk assessment report and cleaning action within seven days of contract approval.