Attivo BOTsink Solution
Provides a distributed deception and decoy solution that is designed to deceive, detect and defend against BOT and Advanced Persistent Threat (APT) attacks. The architecture uses an Analyze, Monitor and Record (AMR) Engine to feed events into the Multi Dimensional Correlation Engine (MDCE) to generate an attack sequence. The MDCE captures and analyzes the BOT and APT activities to provide the actionable intelligence needed to shut down a breach. Hosts network services across multiple virtual machines, IP services and subnets to lure attackers into revealing themselves as soon as they start to look for high-value assets. Designed to engage the APTs and BOTs and stop the attack from communicating and propagating. A central management console for network, data center, cloud and other environments is provided.