[et_pb_section fb_built=”1″ admin_label=”Header: Active Directory Protection” _builder_version=”4.7.0″ background_image=”https://acalvio.p2staging.us/wp-content/uploads/2020/05/2020_Acalvio_Secondary_1920x486_14-Cloud.jpg” custom_margin=”0px|0px|0px|0px” da_disable_devices=”off|off|off” da_is_popup=”off” da_exit_intent=”off” da_has_close=”on” da_alt_close=”off” da_dark_close=”off” da_not_modal=”on” da_is_singular=”off” da_with_loader=”off” da_has_shadow=”on”][et_pb_row admin_label=”Header: Active Directory Protection” _builder_version=”4.7.0″ background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”HEADER: Active Directory Protection” _builder_version=”4.7.0″ text_text_color=”#ffffff” text_font_size=”32″ header_font=”|600|||||||” header_text_align=”center” header_text_color=”#ffffff” header_font_size=”42px” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_text_color=”#ffffff” header_2_font_size=”36px” text_orientation=”center” background_layout=”dark” module_alignment=”center” text_font_size_tablet=”” text_font_size_phone=”” text_font_size_last_edited=”on|phone” header_font_size_tablet=”36px” header_font_size_phone=”26px” header_font_size_last_edited=”on|phone” header_2_font_size_tablet=”30px” header_2_font_size_phone=”20px” header_2_font_size_last_edited=”on|phone”]

Acalvio ShadowPlex^TM Active Directory Protection

[/et_pb_text][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built=”1″ _builder_version=”4.7.0″ _module_preset=”default” background_enable_image=”off” da_disable_devices=”off|off|off” da_is_popup=”off” da_exit_intent=”off” da_has_close=”on” da_alt_close=”off” da_dark_close=”off” da_not_modal=”on” da_is_singular=”off” da_with_loader=”off” da_has_shadow=”on”][et_pb_row column_structure=”3_5,2_5″ disabled_on=”on|on|off” _builder_version=”4.7.0″ _module_preset=”default”][et_pb_column type=”3_5″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_text admin_label=”Active Directory (AD) is at the core of most enterprise ” _builder_version=”4.7.0″ text_font_size=”28″ text_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Active Directory (AD) is at the core of most enterprise infrastructure and holds valuable, critical information on user identities, network assets, applications, services, policies, and authentication data. However, given the legacy architecture principles that AD was built upon decades ago, completely securing this crown jewel with todaybs diverse technology and infrastructure complexity has been a challenge for most organizations. This challenge only compounds against the rapid and sophisticated evolution of the threat landscape.

[/et_pb_text][et_pb_text admin_label=”Attacks against AD can have far-reaching consequences” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”28″ text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Attacks against AD can have far-reaching consequences for every organization across multiple industries. While the security posture and strategy have taken the main stage at every organization today, the solutions mostly involve increasing audit logging, disabling tools, vulnerability scanning, or installing security agents on endpoints and other assets. While these solutions are necessary, they can only provide a limited solution for advanced threat defense against key assets such as Active Directory.

[/et_pb_text][/et_pb_column][et_pb_column type=”2_5″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_image src=”https://acalvio.p2staging.us/wp-content/uploads/2022/04/Shadowplex-AD-Protection.png” title_text=”Shadowplex-AD-Protection” _builder_version=”4.7.0″ _module_preset=”default”][/et_pb_image][/et_pb_column][/et_pb_row][et_pb_row disabled_on=”off|off|on” _builder_version=”4.7.0″ _module_preset=”default”][et_pb_column type=”4_4″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_text admin_label=”Active Directory (AD) is at the core of most enterprise ” _builder_version=”4.7.0″ text_font_size=”28″ text_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Active Directory (AD) is at the core of most enterprise infrastructure and holds valuable, critical information on user identities, network assets, applications, services, policies, and authentication data. However, given the legacy architecture principles that AD was built upon decades ago, completely securing this crown jewel with todaybs diverse technology and infrastructure complexity has been a challenge for most organizations. This challenge only compounds against the rapid and sophisticated evolution of the threat landscape.

Attacks against AD can have far-reaching consequences for every organization across multiple industries. While the security posture and strategy have taken the main stage at every organization today, the solutions mostly involve increasing audit logging, disabling tools, vulnerability scanning, or installing security agents on endpoints and other assets. While these solutions are necessary, they can only provide a limited solution for advanced threat defense against key assets such as Active Directory.

[/et_pb_text][et_pb_image src=”https://acalvio.p2staging.us/wp-content/uploads/2022/04/Shadowplex-AD-Protection.png” title_text=”Shadowplex-AD-Protection” _builder_version=”4.7.0″ _module_preset=”default”][/et_pb_image][/et_pb_column][/et_pb_row][et_pb_row _builder_version=”4.7.0″ _module_preset=”default” collapsed=”off”][et_pb_column type=”4_4″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_text admin_label=”Acalvio ShadowPlex is an autonomous deception platform” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”left” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Acalvio ShadowPlex is an autonomous deception platform that provides an AI-based deception solution for Active Directory protection. ShadowPlexbs strong capabilities include preventing attacks on Active Directory by providing continuous visibility into possible attack surfaces, predicting the attackerbs path, slowing down, confusing or diverting the attacker, predicting and detecting the TTP at every stage, and ultimately, even selectively changing the attackerbs perception of the network.

[/et_pb_text][et_pb_text admin_label=”ShadowPlex supports on-premises AD deployments” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

ShadowPlex supports on-premises AD deployments, Azure AD, and Hybrid AD deployments. The following are the key features of ShadowPlexbs AD protection solution:

[/et_pb_text][et_pb_text admin_label=”Active Directory InSights and Image” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” hover_enabled=”0″ text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone” sticky_enabled=”0″]

Active Directory InSights^TM

ShadowPlex Active Directory InSights^TM presents an Attackerbs View of the network and reveals the attack surface and risk exposure in the production domains.

[/et_pb_text][et_pb_text admin_label=”The first step in reducing the attackerbs chance & Image” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”left” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” hover_enabled=”0″ text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone” sticky_enabled=”0″]

The first step in reducing the attackerbs chance for success is to reduce the attack surface. ShadowPlex leverages threat intelligence from various sources using pre-built integrations to build the attackerbs view. This view can be invaluable for the defense teams to proactively reduce the attack surface.

[/et_pb_text][et_pb_text admin_label=”The ShadowPlex AD InSights” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”left” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

The ShadowPlex AD InSights^TM provides security and IT administrators, continuous visibility into potential security risk exposure introduced by factors such as unprotected administrator accounts, shadow administrators, over-permissioned accounts, kerberoastable accounts, unmanaged SPNs, and service accounts, among other misconfigurations. ShadowPlex generates these extensive insights spanning user and computer accounts, groups, GPOs, ACLs, domains, forests and trust relationships, and other AD artifacts.

[/et_pb_text][et_pb_text admin_label=”Even in modestly complex Active Directory environments” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”12px” text_line_height=”1em” header_4_text_align=”left” header_4_line_height=”1.3em” text_orientation=”center” module_alignment=”left”]

Even in modestly complex Active Directory environments, it can often be a challenge to track objects and present the attack surface. ShadowPlex solves this problem without requiring any manual intervention. ShadowPlex does not require any special privileges or permissions on the domain to generate the attack surface insights.

[/et_pb_text][et_pb_text admin_label=”Attack Path Analysis” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Attack Path Analysis

In any enterprise, with continuous growth and restructuring, there is a complex and evolving ecosystem of users, computers, groups, GPOs, and other objects. Management blind spots, vulnerabilities, misconfigurations, and inadequate access controls in AD present a significant security risk. Attackers leverage AD misconfigurations and vulnerabilities to identify attack paths that facilitate lateral movement and privilege escalation to compromise valuable assets on the network.

[/et_pb_text][et_pb_text admin_label=”Attackers use tools such as BloodHound ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”12px” text_line_height=”1em” header_4_text_align=”left” header_4_line_height=”1.3em” text_orientation=”center” module_alignment=”left”]

Attackers use tools such as BloodHound to analyze the attack paths on the network and even find the shortest path to their targets. ShadowPlex Attack Path provides the powerful capability for the defense teams to proactively predict these attack paths and remediate them to significantly reduce the exposure.

[/et_pb_text][et_pb_text admin_label=”A typical enterprise may have many” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”12px” text_line_height=”1em” header_4_text_align=”left” header_4_line_height=”1.3em” text_orientation=”center” module_alignment=”left”]

A typical enterprise may have many viable attack paths that can potentially lead attackers to their targets. ShadowPlex Attack Path combines AI-based Advanced Deception with Graph Theory to identify attack paths involving exploitable chains of relations. Each graph represents potential paths that adversaries can traverse from exploitable accounts or endpoints to reach valuable assets on the network.

[/et_pb_text][et_pb_text admin_label=”This feature serves as a powerful ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”12px” text_line_height=”1em” header_4_text_align=”left” header_4_line_height=”1.3em” text_orientation=”center” module_alignment=”left”]

This feature serves as a powerful Active Defense tool to proactively disrupt viable attack paths to valuable assets and add deceptions to strengthen defenses.

[/et_pb_text][et_pb_text admin_label=”Curated ShadowPlex Deceptions for Active Directory Protection” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Curated ShadowPlex Deceptions for Active Directory Protection

Attacks against Active Directory are hard to detect and sometimes even undetectable given that they use legitimate domain credentials, service accounts and domain authenticated computers. Detection using traditional triaging or event log monitoring does not surface conclusive malicious activity.

[/et_pb_text][et_pb_text admin_label=”Acalvio offers an extensive variety of deceptions ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Acalvio offers an extensive variety of deceptions that is fundamental to Active Directory protection.

[/et_pb_text][et_pb_text admin_label=”ShadowPlex provides pre-defined” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

ShadowPlex provides pre-defined Active Directory Protection Deceptions that combine targeted deceptions with AI. Deceptions for AD consist of Decoy Computers, Services, User and Service Accounts, and SPNs that are recommended by the AI engine to seamlessly blend into the AD environment. The deceptions are registered in the production AD..

[/et_pb_text][et_pb_text admin_label=”ShadowPlex provides a pre-built curated palette of ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

ShadowPlex provides a pre-built curated palette of non-fingerprintable deceptions designed specifically to detect advanced Active Directory attacks, such as:

KERBEROASTING
AS-REP ROASTING
UNCONSTRAINED DELEGATION COMPUTER ATTACKS
RECON ATTACKS
DCSYNC
AZURE AD CONNECT ATTACKS
ADFS/GOLDEN SAML

[/et_pb_text][et_pb_text admin_label=”Auto Recommendation and Placement of Deceptions” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Auto Recommendation and Placement of Deceptions

An effective deception strategy should include deceptions that blend into the enterprise environment. In large, complex Active Directory environments, determining the type and placement of deceptions is a practical challenge for enterprises.

[/et_pb_text][et_pb_text admin_label=”ShadowPlex uses AI algorithms to auto-recommend” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

ShadowPlex uses AI algorithms to auto-recommend the right type of entity names and attributes such as unique identifiers for SPNs, and best-practice conventions for service accounts among others to make deceptions attractive to attackers. ShadowPlex also devises an effective deception placement strategy to divert attackers away from assets and toward decoys. This capability removes the burden of IT teams manually specifying the properties and placement of deceptions.

[/et_pb_text][et_pb_text admin_label=”Auto recommendation and placement ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Auto recommendation and placement of deceptions is not a one-time activity. Active Directory environments undergo constant change. As a result, deception strategy, deployment, and placement must be reviewed periodically. ShadowPlex runs in autonomous mode, auto-discovers changes, and appropriately adjusts deceptions to blend with the network. It recommends relevant, new deceptions without requiring manual intervention. This is a unique capability aimed at ensuring that deceptions are current and dynamic.

[/et_pb_text][et_pb_text admin_label=”ShadowPlexbs dynamic deceptions combined ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

ShadowPlexbs dynamic deceptions combined with AI for blending and recommendation ensure that the deception quality and realism are best-in-class.

[/et_pb_text][et_pb_text admin_label=”Decoy Containment” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Decoy Containment

ShadowPlex has the in-built capability to contain Deceptions (Decoy Computers and Service Accounts/Users) to ensure that attackers cannot use these deceptions to cause harm to the production network. For example, Decoy Computers are contained using the patented ShadowPlex Deception Farms Architecture.

[/et_pb_text][et_pb_text admin_label=”Attackers cannot disable ShadowPlex containment” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Attackers cannot disable ShadowPlex containment. This ensures that attackers cannot leverage the Decoy as a pivot point to mount attacks against the production network. Similarly, Service Accounts have in-built containment to ensure that attackers cannot use these accounts to gain access to production assets.

[/et_pb_text][et_pb_text admin_label=”AI-based Traversal Analysis” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

AI-based Traversal Analysis

ShadowPlex provides a capability for viewing real-time attack progression. ShadowPlex generates the traversal path by leveraging advanced AI techniques. The path shows possible routes that a threat may have taken to reach the asset under investigation.

[/et_pb_text][et_pb_text admin_label=”Automated Response” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Automated Response

Given the malicious nature of Active Directory attacks, robust containment of an attacker is a requirement. Acalvio ShadowPlex offers comprehensive and automated response mechanisms and leverages integrations with SOAR, EDR, and Network Management solutions for automated actions such as the ability to isolate or quarantine compromised endpoints, kill a malicious process, or complete shutdown. Additionally, ShadowPlex also offers effective responses such as Diverting an Attacker away from production assets to adjacent decoys to protect the real assets. Another response mechanism is to Slow Down the attacker’s progress by deploying several identical deceptions to surround the production asset while ShadowPlex surfaces the attacker’s trajectory for quick defense and IR actions.

[/et_pb_text][et_pb_text admin_label=”Learn More Button” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”][/et_pb_text][et_pb_text admin_label=”Get in touch with Acalvio ” _builder_version=”4.7.0″ _module_preset=”default” text_font_size=”18px” text_line_height=”1.3em” ul_font_size=”18px” ul_line_height=”1.3em” header_2_font=”|700|||||||” header_2_text_align=”center” header_2_font_size=”32px” header_2_line_height=”1.3em” header_4_text_align=”left” header_4_line_height=”1.3em” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|phone” header_2_font_size_tablet=”24px” header_2_font_size_phone=”16px” header_2_font_size_last_edited=”on|phone”]

Get in touch with Acalvio to schedule a demo of ShadowPlex Active Directory Protection or please refer to the articles in our Blog section for more information:

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row column_structure=”1_3,1_3,1_3″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_column type=”1_3″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_button button_url=”https://www.acalvio.com/protecting-microsoft-active-directory-understanding-the-attack-surface/” button_text=”Part 1: Understanding the Attack Surface” admin_label=”Part 1: Understanding the Attack Surface” _builder_version=”4.7.0″ _module_preset=”default” custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#a21d20″ button_icon_color=”#ffffff” background_layout=”dark”][/et_pb_button][/et_pb_column][et_pb_column type=”1_3″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_button button_url=”https://www.acalvio.com/protecting-microsoft-active-directory-part-2-attack-paths/” button_text=”Part 2: Deception-based AD Security” admin_label=”Part 2: Deception-based AD Security” _builder_version=”4.7.0″ _module_preset=”default” custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#a21d20″ button_icon_color=”#ffffff” background_layout=”dark”][/et_pb_button][/et_pb_column][et_pb_column type=”1_3″ _builder_version=”4.7.0″ _module_preset=”default”][et_pb_button button_url=”https://www.acalvio.com/protecting-microsoft-active-directory-part-3/” button_text=”Part 3: Deception-based AD Security” admin_label=”Part 3: Deception-based AD Security” _builder_version=”4.7.0″ _module_preset=”default” custom_button=”on” button_text_color=”#ffffff” button_bg_color=”#a21d20″ button_icon_color=”#ffffff” background_layout=”dark”][/et_pb_button][/et_pb_column][/et_pb_row][/et_pb_section][et_pb_section fb_built=”1″ admin_label=”CTA with side x side Buttons” _builder_version=”3.22″ background_image=”https://acalvio.p2staging.us/wp-content/uploads/2018/06/Acalvio_Secondary_1920x486_06.jpg” da_disable_devices=”off|off|off” border_color_all=”#a21d20″ da_is_popup=”off” da_exit_intent=”off” da_has_close=”on” da_alt_close=”off” da_dark_close=”off” da_not_modal=”on” da_is_singular=”off” da_with_loader=”off” da_has_shadow=”on”][et_pb_row _builder_version=”3.25″ max_width=”80%” module_alignment=”center” use_custom_width=”on” width_unit=”off”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text admin_label=”Next Steps” _builder_version=”3.27.4″ text_text_color=”#ffffff” text_font_size=”24″ header_text_color=”#ffffff” header_font_size=”38px” custom_padding=”|25px||25px” text_font_size_tablet=”18″ text_font_size_phone=”14″ text_font_size_last_edited=”on|desktop” header_font_size_tablet=”28px” header_font_size_phone=”24px” header_font_size_last_edited=”on|phone”]

Next Steps

[/et_pb_text][et_pb_text admin_label=”Explore our patented technologies to enable Active Defense in your enterprise.” _builder_version=”4.7.0″ text_text_color=”#ffffff” text_font_size=”24px” background_layout=”dark”]

Explore our patented technologies to enable Active Defense in your enterprise.

[/et_pb_text][/et_pb_column][/et_pb_row][et_pb_row module_class=”btn-inline” _builder_version=”3.25″ module_alignment=”center” custom_css_main_element=” “][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_button button_url=”https://www.acalvio.com/resources-and-documents/case-studies/” button_text=”CASE STUDIES” admin_label=”CASE STUDIES button” _builder_version=”4.7.0″ custom_button=”on” button_border_color=”#a21d20″ button_use_icon=”off” background_layout=”dark” custom_css_main_element=”background-color: #A21D20;” button_text_color_hover=”#ffffff” button_border_color_hover=”rgba(255,255,255,0.5)” button_bg_color_hover=”rgba(255,255,255,0)” button_text_size__hover_enabled=”off” button_one_text_size__hover_enabled=”off” button_two_text_size__hover_enabled=”off” button_text_color__hover_enabled=”on” button_text_color__hover=”#ffffff” button_one_text_color__hover_enabled=”off” button_two_text_color__hover_enabled=”off” button_border_width__hover_enabled=”off” button_one_border_width__hover_enabled=”off” button_two_border_width__hover_enabled=”off” button_border_color__hover_enabled=”on” button_border_color__hover=”#ffffff” button_one_border_color__hover_enabled=”off” button_two_border_color__hover_enabled=”off” button_border_radius__hover_enabled=”off” button_one_border_radius__hover_enabled=”off” button_two_border_radius__hover_enabled=”off” button_letter_spacing__hover_enabled=”off” button_one_letter_spacing__hover_enabled=”off” button_two_letter_spacing__hover_enabled=”off” button_bg_color__hover_enabled=”on” button_bg_color__hover=”rgba(255,255,255,0)” button_one_bg_color__hover_enabled=”off” button_two_bg_color__hover_enabled=”off”][/et_pb_button][et_pb_button button_url=”https://www.acalvio.com/schedule-a-demo/” button_text=”SCHEDULE A DEMO” admin_label=”Demo Button” _builder_version=”4.7.0″ custom_button=”on” button_border_color=”#a21d20″ button_use_icon=”off” background_layout=”dark” custom_css_main_element=”background-color: #A21D20;” button_text_color_hover=”#ffffff” button_border_color_hover=”#ffffff” button_bg_color_hover=”rgba(255,255,255,0)” button_text_size__hover_enabled=”off” button_one_text_size__hover_enabled=”off” button_two_text_size__hover_enabled=”off” button_text_color__hover_enabled=”on” button_text_color__hover=”#ffffff” button_one_text_color__hover_enabled=”off” button_two_text_color__hover_enabled=”off” button_border_width__hover_enabled=”off” button_one_border_width__hover_enabled=”off” button_two_border_width__hover_enabled=”off” button_border_color__hover_enabled=”on” button_border_color__hover=”#ffffff” button_one_border_color__hover_enabled=”off” button_two_border_color__hover_enabled=”off” button_border_radius__hover_enabled=”off” button_one_border_radius__hover_enabled=”off” button_two_border_radius__hover_enabled=”off” button_letter_spacing__hover_enabled=”off” button_one_letter_spacing__hover_enabled=”off” button_two_letter_spacing__hover_enabled=”off” button_bg_color__hover_enabled=”on” button_bg_color__hover=”rgba(255,255,255,0)” button_one_bg_color__hover_enabled=”off” button_two_bg_color__hover_enabled=”off”][/et_pb_button][/et_pb_column][/et_pb_row][/et_pb_section]

Active Directory Protection

Acalvio ShadowPlexTM Active Directory Protection

ShadowPlex supports on-premises AD deployments, Azure AD, and Hybrid AD deployments. The following are the key features of ShadowPlexbs AD protection solution:

Active Directory InSightsTM

ShadowPlex Active Directory InSightsTM presents an Attackerbs View of the network and reveals the attack surface and risk exposure in the production domains.