Attivo Networks and Blue Coat Improve Incident Response Time With Automated Information Sharing

FREMONT, CA--(Marketwired - Apr 12, 2016) - Attivo Networks®, the award-winning leader in deception for cyber security threat detection, today announced a partnership and technology integration with Blue Coat Systems, Inc., a market leader in enterprise security. The combined solution will provide real-time detection of cyber-attacks and automatically pass the attack information captured by the Attivo BOTsink® deception platform to the Blue Coat ProxySG for automated blocking and quarantining of an infected end-point or device, reducing incident response time and improving customers' ability to combat cyber-attacks.

The BOTsink platform is designed to provide inside-the-network threat detection and to create key forensics for the:

• Identification and detection of all threat vectors -- reconnaissance, stolen credential, phishing, and ransomware and multi-stage exploit kits
• Gathering of instructions sent from a command and control (C&C) server as part of initial callback mechanism: Allowing the opening of a proxy and for man-in-the-middle (MITM) for SSL encrypted sessions forensics
• Generation of attacker signatures which can be uploaded to block connection attempts based on intent

The Blue Coat ProxySG is an industry-leading secure web gateway, delivered on-premise or in the cloud, that delivers world-class protection and bandwidth management capabilities to secure and optimize use of the web. The unparalleled feature set includes user authentication, web filtering, data loss prevention, encrypted traffic visibility, content caching, stream-splitting and more.

The joint solution seamlessly integrates attack forensics gathered by the Attivo BOTsink engagement server with the Blue Coat ProxySG to automatically prevent compromised endpoints from exfiltrating data or communicating with the attacker's command and control center. This level of high-quality forensics improves customers' incident response and significantly reduces the time to complete remediation. 

Tushar Kothari, CEO of Attivo Networks, said, "The largest global companies rely upon Blue Coat technology for advanced enterprise security. This integration extends the value of an organization's current Blue Coat security infrastructure by automating forensics and improving incident response. Joint customers will also now benefit from a more comprehensive security posture that combines prevention and detection solutions that work seamlessly together to derail cyber attacks."

"Detecting threats inside a network and improving incident response time is crucial," said Peter Doggart, vice president, business development, Blue Coat. "By integrating the forensics from the Attivo BOTsink platform, Blue Coat can provide our customers with the most comprehensive prevention, detection, and prompt and effective response and remediation."

Availability

This integration is now available for joint customers using the Attivo BOTSink Deception Platform and the Blue Coat ProxySG.

Resources
Attivo BlueCoat solution brief

About Attivo Networks
Attivo Networks® is the leader in dynamic deception technology, which in real-time detects intrusions inside the network, data center, cloud, and SCADA environments before the data is breached. Leveraging high-interaction deception techniques, the Attivo BOTsink® Solution lures BOTs and APTs to reveal themselves, without generating false positives. Designed for efficiency, there are no dependencies on signatures, database lookup or heavy computation to detect and defend against cyber threats. Attivo solutions capture full forensics and provide the threat intelligence to shut down current and protect against future attacks. For more information visit www.attivonetworks.com

Follow Attivo Networks: Twitter and Linked In

About Blue Coat Systems
Blue Coat is a leader in advanced enterprise security, protecting 15,000 organizations every day. Through the Blue Coat Security Platform, Blue Coat unites network, security and cloud, providing customers with maximum protection against advanced threats, while minimizing impact on network performance and enabling cloud applications and services. Blue Coat was acquired by Bain Capital in March 2015. For additional information, please visit www.bluecoat.com.