It only takes one compromised computer to destroy an entire organization. The reason is that attackers use valid credentials and all the information stored in the Active Directory to move deeper into the organization—undetected, indefinitely.
Javelin AD|Protect, A.I.-driven platform, protects the Active Directory and provides autonomous breach prevention and containment, incident response, and threat hunting capabilities. By combining A.I., obfuscation and advanced forensics methodologies right at the point of breach, AD|Protect can respond automatically and in real time to contain the attack.
Its not a matter of if an intruder will get in, it’s a matter of how far.
VJay LaRosa, Senior Vice President, Security Architecture, ADP
How It Works
AD|Protect unique A.I. controls the attacker’s perception of locally stored credentials and the entire organization’s internal resources, including all endpoints, servers, users and applications, right at the point of breach.
AD|Protect autonomously learns the organization’s AD structure in its entirety (servers, endpoints, applications, users, branches, naming conventions, configurations, etc.) and uses this data to create an unlimited number of new fake resources, then presents the fake resources to the attacker right at the endpoint. This way, real AD resources are not revealed to the attacker, and when he interacts with or attempts to move laterally from the compromised machine to one of these fake resources, it triggers a high-fidelity alert and forces the attacker to reveal themselves, without the attacker even realizing that they have been detected.
IR, Hunting and Breach Containment
Using unique IR methodologies specifically designed for a corporate domain environment, AD|Protect collects and analyzes forensic evidence from multiple sources, determining if the attack is a local incident or part of a bigger effort.
AD|Protect automatically traces and eliminates the source’s malicious process, communicating internally or externally and contains the breach in real time, without disrupting the end user or business. A variety of mitigation methods are available, depending on corporate policy and objective.
Persistence and Misconfiguration Prevention
In a corporate domain environment, attackers find ways to leave behind backdoors and persistence hooks, allowing them to come back at any time. AD|Protect continuously probes for domain misconfigurations, attack persistency and, with policy approval, will automatically fix these errors to eliminate high-risk potential scenarios of attack persistence.
Javelin is a simple, undetectable and agentless software-only approach to stopping intruders without false positives, network data collection or operational overhead. It provides the most advanced breach containment available.
Enterprise security teams and IT operations teams must agree to leapfrog existing security solutions and move immediately to world class solutions that have the ability to stop elite hackers.
Ed Amoroso, former Chief Security Officer, AT&T