?

Attivo Endpoint Detection Net Manager Lab

Bookmark
23 Launches
Solution Overview

The Attivo Endpoint Detection Net Manager Lab is a capability of the Advanced Technology Center (ATC) designed to provide an environment to gain hands-on experience with the fundamental features of Attivo's ThreatDefend solution and Attivo's EDN Manager. 

Attivo Networks delivers a counter-infiltration solution that leverages deception. Deception technology provides innovative threat defense through the use of traps and lures that are designed to expose attackers' tactics. Typical honeypot tactics do not support the identification of modern-day infiltration tactics. The assumption is that standard users will not be engaged in network reconnaissance by moving laterally from a compromised system. Attivo has developed decoys that are invisible to standard network users, but convincing enough to allow a "would-be" attacker to become exposed by interaction.

Goals & Objectives

The goal of this lab is to introduce users to deception technology through the use of Attivo Networks. This lab will help users develop proficiency in navigating the EDN Manager UI, and in deploying, managing and monitoring the Attivo ThreatDefend solution. The lab guide provides a flexible framework for evaluating the solution, its installation and the behavior in a sample customer environment.

Throughout this lab users will learn:

  • Attivo's EDN Manager Platform
  • Attivo's ThreatDefend Features
  • How Attivo provides early detection of internal, external, and 3rd Party attacks in real-time
  • How Attivo utilizes deception tokens to lure attackers into revealing themselves
  • How Attivo ThreatPath detects potential paths of lateral movement

Hardware & Software

Attivo

  • Attivo Endpoint Detection Net Manager

Microsoft Based Servers and Clients

  • Windows 2016 (DC)
  • 6 x Windows 2010 Clients

Linux Based Clients

  • CentOS 8
  • Kali Linux

Technologies