Products
- Products
  
  Platform
  ShadowPlex Advanced Threat Defense
  Deception for early detection of cyber threats with precision and speed
  
  ShadowPlex Identity Protection
  Visibility, management and protection of identity stores and attack paths
  Acalvio Active Defense Platform
  Comprehensive and Award-winning Distributed Deception Platform
  
  What is Active Defense?
  Active defense detects and diverts attacks.
  
  Why do I need Acalvio Active Defense?
  Active Defense deceives and disrupts attackers.
Solutions
- Technology Solutions
  
  Industry Solutions
  Early Threat Detection
  Detect cyber threats early in the attack lifecycle to prevent adversary breakout
  
  Identity Threat Detection & Response
  Detect identity threats with precision and protect the identity architecture
  
  OT Security
  Protect OT environments from cyber threats with an easy-to-deploy and non-intrusive solution
  
  Red Teaming
  Strengthen defenses to detect red team activities
  
  Threat Hunting
  Active threat hunting to confirm latent threats and gain visibility to attacker TTPs
  
  Ransomware
  AI-driven deception to protect against known and zero-day ransomware variants
  
  Honeytokens for CrowdStrike
  Enterprise-scale honeytokens to protect against current and evolving identity threats
  
  Active Directory Protection
  Visibility to AD attack surface and detection of AD attacks
  
  Zero Trust
  Advance Zero Trust maturity through improved cyber visibility
  
  Insider Threats
  Unmask hidden dangers. Cyber deception for high-fidelity insider threat detection
  Public Sector
  Targeted solution for protecting Federal agencies in conformation with NIST and CISA recommendations
  
  Financial Services
  Transform Financial Cybersecurity with Innovative Cyber Deception and Active Defense
  
  Healthcare
  Active defense solutions thwart healthcare attacks before they can inflict real damage.
Resources
Partners
Company

Acalvio App to be Available on the CrowdStrike Store

by Team Acalvio | November 05, 2019

CrowdStrike® Trusted Partners’ solutions go beyond simple integrations.

Our partnership with CrowdStrike not only makes Deception easy to deploy for CrowdStrike customers, but also introduces a powerful new capability – Deception-based Active Threat Hunting.

The CrowdStrike Falcon® platform offers next-generation endpoint security with an intelligent, easy-to-install lightweight agent. ShadowPlex Autonomous Deception Solution uses the Falcon agent for simplifying all aspects: deploying deceptions, detecting malicious activity, engaging with the adversary and enacting timely and appropriate response.

Deployment of breadcrumbs and baits on endpoints is now completely autonomous.
Detection to track access to breadcrumbs – attack is detected not when breadcrumbs are used, but even when breadcrumbs are accessed. This is the big advantage of having the Falcon agent on the enterprise hosts watching who accesses the carefully hidden breadcrumbs.
Response – to quickly isolate a compromised system.

The Falcon platform stores the rich data collected from the enterprise hosts in the CrowdStrike Threat Graph®. The platform also includes a sandbox – CrowdStrike Sandbox that performs deep analysis of evasive and unknown threats. We leveraged these technologies to provide a new threat hunting capability.

Deception-based Active Threat Hunting empowers IR teams in the following areas:

Adversary Traversal Analysis: When an attack interacts with a decoy, we identify the source as a compromised host. The Threat Hunting capability uses the data from the Threat Graph to trace the attack deep into the enterprise network. We start from a deception incident and walk back by mining the data from the Threat Graph and using AI techniques, to come up with the list of all hosts compromised along the attacker’s path to the decoy
Attacker View: CrowdStrike collects detailed data from each enterprise host. Based on the deception incident and data in Threat Graph, ShadowPlex builds comprehensive adversary indicators of attack (IOAs).
Similarity Analysis: The IOAs generated are to proactively identify machines susceptible to observed exploits or already compromised.
Ransomware Protection: Deception-based precise detection and rapid engagement of ransomware to complement the CrowdStrike machine-learning-based protection.
Alert Triage: New workflows are built for active threat hunting to expose latent threats. Analysts can do hypothesis testing by creating deception targeting specific threats.

Acalvio ShadowPlex cloud-delivered deception integrates with and perfectly complements CrowdStrike’s cloud-delivered endpoint protection. Organizations can try, buy and deploy ShadowPlex from the CrowdStrike store. The partnership provides customers not only better deception that is easier to deploy, but also a powerful new threat hunting capability. Visit our Crowdstrike store here.

VISIT CROWDSTRIKE STORE