Attivo Networks, the award-winning leader in deception for cybersecurity threat detection, announced the availability of its ADSecure solution for Google Cloud’s Managed Service for Microsoft Active Directory (AD).
The Google Cloud team has reviewed the Attivo solution, which operates for organizations running Active Directory with Google’s managed service and reduces their risk of attack escalation.
Active Directory is estimated to be used by over 90% of businesses to organize users, computers, and services. Attackers target it frequently because it is a centralized directory that they can use to understand the network and gain the privileges that they need to advance their attacks.
The requirement for open access and the availability of automated tools designed to help attackers break into AD make protecting this environment a challenge.
The Attivo ADSecure solution detects unauthorized queries within the managed AD service to reduce the risk of successful enumeration. The solution alters the query response and returns deceptive objects that misdirect attackers to a decoy when they try to use them.
By detecting unsanctioned access to AD, security teams receive alerts early in the attack lifecycle, and the attacker is less likely to get the critical AD information they were seeking.
Additionally, the ADSecure solution reduces the attack surface by misdirecting attackers into a deception environment that safely gathers TTPs (Tactics, Techniques, and Procedures) to aid in the development of company-specific threat intelligence and accelerated response.
Further, the solution operates without altering the production AD, eliminating a critical adoption barrier presented by alternative security solutions.
“With more and more organizations moving to the cloud, there is a heightened need to protect their directory services located in the cloud,” said Marc Feghali, VP of Product Management for Attivo Networks.
“For Google Cloud customers that are using a managed Active Directory service, the additional protection of ADSecure helps keep attackers from successfully querying Cloud Service Objects, domain controllers, Cloud OU resources like privileged users, computer groups, service accounts, and built-in privileged groups.”
“Customers are using our service to simplify AD deployment, management, and security in the cloud without managing infrastructure,” said Siddharth Bhai, Product Manager for Google Cloud. “They can now leverage ADSecure to further reduce the risk of attack escalations against their deployments.”