SOURCE: TrapX Security

TrapX Security

May 02, 2017 06:00 ET

TrapX Integrates with ForeScout to Contain Active Attackers Inside the Network Perimeter

The combined solution leverages TrapX's deception technology and ForeScout's agentless visibility and control capabilities to detect, divert, quarantine and proactively mitigate advanced threats

SAN MATEO, CA--(Marketwired - May 2, 2017) - TrapX Security®, a global leader in deception-based advanced cyber-security defense, today announced the integration of its DeceptionGrid product with ForeScout CounterACT® from ForeScout Technologies, Inc., a leading Internet of Things (IoT) security company. The joint solution equips customers with early threat detection and automated response capabilities designed to accelerate incident response times, quarantine threats and effectively shut them down in real time.

The DeceptionGrid integration with ForeScout's technology greatly expands the TrapX ecosystem for detection and real-time response of advanced threats, zero-day attacks and other sophisticated malware, as well as rapid containment capabilities that isolate and block the threats. As threat intelligence is garnered from DeceptionGrid it gets shared with CounterACT, which then processes the enhanced threat intelligence and applies the security insight to trigger automated response actions and enforce a broad range of policy-based controls, such as isolating the device and initiating remedial actions on endpoints to mitigate threats. 

"The integration of TrapX DeceptionGrid with ForeScout CounterACT provides customers with real-time visibility to quickly detect and contain zero-day attacks, ransomware and other sophisticated malware to stop threats from moving laterally throughout the network," said Greg Enriquez, CEO of TrapX Security. "Sophisticated cyber criminals have found ways to bypass perimeter solutions and penetrate the network where they can move undetected as they access and exfiltrate sensitive data. The joint solution offers customers the ability to distract potential attackers and separate them from customer assets, so security teams can analyze the threat and resume normal operations quickly and easily." 

"As enterprise organizations adopt more IoT and IP-connected devices in their networks, they expand the entry point for hackers," said Rob Greer, senior vice president of product, ForeScout Technologies, Inc. "TrapX's integration with ForeScout allows customers to agentlessly discover devices connecting to their networks, detect malicious behavior coming from these devices, and quarantine or mitigate the threat before a major security incident occurs."

TrapX DeceptionGrid creates a network of traps (decoys) that are intermingled with and imitate a company's real information technology assets, creating an environment that attracts (via Lures/Deception Tokens) and detects malicious insiders as soon as they begin their attacks. Known as emulations, these traps represent an additional security layer within the enterprise infrastructure that identifies a breach as it happens and provides customers with instant insight, enabling them to prevent data from being transmitted out of the network.

Together, the integration of TrapX DeceptionGrid and ForeScout enables customers to:

  • QUARANTINE: Once DeceptionGrid identifies a suspicious endpoint, it will call ForeScout's API in order to isolate it from the network while stopping the attack and giving security teams time to investigate the incident without risk of further infection/compromise.

  • DIVERT: TrapX DeceptionGrid can divert the threat away from valuable resources by deploying decoys and Deception Tokens across the network. Malware or a human attacker attempting to move laterally will divulge information on their techniques, tactics and procedures (TTPs) that security teams can use to better mitigate the threat.

  • MITIGATE: TrapX identifies indicators of compromise (IOCs) based on the threat's interaction with TrapX's decoys. It shares IOCs with ForeScout, which can then isolate the infected endpoint based on policy. ForeScout can leverage its IOC repository to scan other endpoints that are attempting to connect, or are already connected on the network, and initiate mitigation actions on infected endpoints.

More Information
Visit the TrapX Website: www.trapx.com
Watch a 60 Second Introduction to Deception Technology: https://youtu.be/d6lzgBZ4hWQ
Learn more about DeceptionGrid: http://trapx.com/wp-content/uploads/2017/02/TrapX_Brief_DeceptionGrid_6.0.pdf
Visit the TrapX blog: http://www.trapx.com/blog/
Follow TrapX on Twitter: @trapxsecurity
Follow TrapX on LinkedIn: https://www.linkedin.com/company/trapx
Like TrapX on Facebook: https://www.facebook.com/pages/TrapX/258804147648401

About TrapX
TrapX Security is a leader in deception based cyber security defense. Our solutions rapidly detect, analyze, and defend against zero day and advanced attacks in real time. DeceptionGrid™ provides automated, highly accurate insight into malware and malicious activity unseen by other types of cyber defense. We create a proactive security posture, fundamentally changing the economics of cyber defense by shifting the cost to the attacker. The TrapX Security customer base includes Forbes Global 2000 commercial and government customers around the world in sectors that include defense, healthcare, finance, energy, consumer products, and other key industries. Learn more at www.trapx.com.