Attivo Networks and Swimlane announced a technology alliance partnership that brings together privilege escalation prevention and threat lateral movement detection with security automation. The integration combines Attivo’s deception technology that deploys decoys to help hide critical assets with Swimlane’s automation platform. With this integration, security operations teams gain the ability to stay ahead of would-be attackers by identifying attack methods before the attack reaches its intended target.
Attivo’s deception technology tricks attackers into releasing attacks on decoy environments, leaving behind a trail of forensics. This forensic data acts as an early warning sign of attackers targeting specific assets and allows organizations to identify actual attack methods adversaries deploy against them.
Security teams gain a head start to bolster defenses in critical areas, launch different decoys to learn more about the attack, or trigger an automated response using any integrated tools. Organizations can also configure Swimlane to deploy Attivo’s decoys as part of an automated workflow for immediate response.
“Visibility into where an attack is coming from and what attackers are targeting before they affect those assets is invaluable. Automated and continual monitoring of incidents during the eradication and recovery phases of incident response is a key capability that Swimlane and Attivo are providing,” said Karen Wood, VP of Global Partner Strategy at Swimlane. “By addressing alert overload, analyst churn, slow response to zero-day attacks, and efficiency issues, joint customers of Swimlane and Attivo are gaining critical insights into their risk posture and targeted remediation plans.”
Key benefits of this partnership include speed and consistency. With an automated prevention posture, Swimlane can launch responses to harden defenses at machine speeds. This faster time to resolution is critical during an attack, as each second counts. Machine-speed response also provides a much greater chance of stopping zero-day attacks. Swimlane workflows enable users to achieve a uniform response across their organization for repetitive alerts, taking human error out of the equation when requiring these responses.
“Swimlane excels at helping organizations achieve more efficiency in their security operations. Through their centralization of all integrated tools and data, customers can reach across traditional product silos to take action with any integrated tool within the SOC,” said Srikant Vissamsetti, senior vice president of engineering, Attivo Networks. “Automated malware analysis is also a key benefit of our partnership. Any alert from a Swimlane integrated vendor can be automatically enriched and submitted to Attivo Networks for further analysis on any malware.”
By partnering with Attivo Networks, Swimlane is continuing to champion security operations teams by improving analyst retention and growing internal tribal knowledge. When analysts must no longer spend their day copy-pasting, switching tools, or waiting for results to load, it improves worker satisfaction. Both Attivo Networks and Swimlane are members of the McAfee MVISION Marketplace, and both have trial offerings available for free.