Vendor's experts learned their business through hacking Active Directory
Javelin Networks now has a deal for the Benelux market in an expanded partnership with top Cybersecurity solution distributor Exclusive Networks.
Luk Schoonaert, Technology Director of Exclusive Networks. Schoonaert covered the best (and worst) hack attacks of 2017 at the annual NetSec security conference in Brussels this week. He cited Javelin Networks as one of the hot new companies CISOs and security solution providers should pay serious attention to when considering credential theft and lateral movement prevention technology, with deception and post breach containment technology on the endpoint.
The core of Javelin’s technology is authentic resource deception derived from the organization’s Active Directory structure. Javelin Networks was founded in 2014 by three intelligence experts from the Israeli Defense Forces. During their time in the military, they were taught to attack organizations through Windows Active Directory, which enabled them to compromise an entire organization undetected, indefinitely. The problem Javelin’s founders encountered was that the security industry is focused on defending endpoints, servers, applications, and the network individually without taking into consideration how they are joined to and authenticated with each other, they say. When resources are managed in a Corporate Domain environment, the rules of security change. Individual device security is insufficient when the central heart of corporate IT management—the Active Directory—remains unprotected.
Javelin AD|Protect defends the Active Directory while providing autonomous breach detection, containment, incident response, and threat hunting capabilities. It combines technologies such as Native Language Processing, obfuscation, and forensics methodologies to stop the attacker at the point of breach, it says.
Javelin AD|Assess leverages algorithms to gather in-depth information about the configuration of the domain, privileged accounts, security settings, GPO, endpoints, domain controller, and Kerberos. Then, it will autonomously analyze components of the Corporate Domain and Active Directory structure for Dark Corners and backdoors attackers may have left behind.