Attivo Networks® Enhances AD Security for Google Cloud’s Managed Service for Active Directory with Deception and Misdirection Capabilities
March 2020 by Marc Jacob
Attivo Networks® announced the availability of its ADSecure solution for Google Cloud’s Managed Service for Microsoft Active Directory (AD). The Google Cloud team has reviewed the Attivo solution, which operates with Google’s managed service and reduces the risk of attack escalation for organizations running Active Directory on it.
Active Directory is estimated to be used by over 90% of businesses to organize users, computers, and services. Attackers target it frequently because it is a centralized directory that they can use to understand the network and gain the privileges that they need to advance their attacks. The requirement for open access and the availability of automated tools designed to help attackers break into AD make protecting this environment a challenge.
The Attivo ADSecure solution detects unauthorized queries within the managed AD service to reduce the risk of successful enumeration. The solution alters the query response and returns deceptive objects that misdirect attackers to a decoy when they try to use them. By detecting unsanctioned access to AD, security teams receive alerts early in the attack lifecycle, and the attacker is less likely to get the critical AD information they were seeking. Additionally, the ADSecure solution reduces the attack surface by misdirecting attackers into a deception environment that safely gathers TTPs (Tactics, Techniques, and Procedures) to aid in the development of company-specific threat intelligence and accelerated response. Further, the solution operates without altering the production AD, eliminating a critical adoption barrier presented by alternative security solutions.