Attacker View exposes hidden cyber attack paths

Illusive networks launched illusive 3.0 with Attacker View, a technology that enables IT security professionals to view their corporate network from an attacker’s perspective. Armed with a detailed map of how attackers view and traverse a network, IT security professionals can now visualize attack paths and adapt their security strategy to mitigate attacker’s lateral movement.

Attacker View differs from mapping software and network architecture by showing the attack vectors found on each machine, and illustrates how advanced attackers can easily navigate the network to reach critical assets. Attacker View illuminates the connections, accessibility, privilege escalation options, and unseen attack paths that are used by cyber criminals.

Customer examples

A Financial Services company discovered privileged Domain Administrator accounts in the cache memory on multiple workstations. These accounts contained master privileges for the entire network. An attacker gaining access to any of these workstations would have access to the entire network.

A Telecom company with two separate networks – one public network serving its customers and one private network serving its employees – was found to have multiple workstations connecting to both, physically separated networks. An attacker that moved from the customer/public network onto one of these workstations could easily move into the private/employee network continuing to the company’s critical assets. These workstations had been part of an old testing project.

A company with centralized data storage containing the company’s most critical documents accidentally published a share name to most of the network workstations. An attacker laterally moving onto any of these workstations could easily reach the critical central storage and the critical information. The Attacker View visualized this major security risk so that IT could make changes.

Attacker View visualization

Many of the problems that Attacker View exposes cannot be corrected by IT security professionals alone. The nature of dynamic, evolving networks means that attack vectors multiply and are very difficult to persistently remove. The Attacker View visualizes current attack vectors, and when combined with illusive networks Deceptions Everywhere approach to deploy security deceptions on every network entity, is the most effective method to deceive Advance Attackers and stop APTs.

Selected as a finalist in the RSA Conference Innovation Sandbox Contest 2016 for its work in deception-based post-breach cybersecurity, illusive networks’ Deceptions Everywhere agentless technology blankets the entire network — every endpoint, server, and network component — with misleading network information that deceives would-be attackers.

“Thinking like an attacker is at the core of illusive networks’ approach to cybersecurity,” said Shlomo Touboul, CEO, illusive networks. “Attacker View provides a startling picture of how your network appears to attackers. It is like seeing a hidden maze that, until now, only advanced attackers saw as they made their way to your network’s ‘treasure room’. Attackers are looking under the hood for hidden information and connections they can leverage to execute an advanced attack. Attacker View takes away that advantage.”