Acalvio ShadowPlex Integrates with the CrowdStrike Falcon Platform to Provide Deception Technology for Accelerated Detection and Investigation of Advanced Threats
Santa Clara, CA – Feb 6, 2020 — Acalvio Technologies, the leader in autonomous deception solutions, today announced the availability of its ShadowPlex Application in the CrowdStrike® Store to deliver customers high-fidelity detections of threat activity and timely alerts based on dynamic deception.
Acalvio’s patented and award-winning Autonomous Deception solution, ShadowPlex, enables organizations to detect, investigate and respond to malicious intruder and insider activity. Acalvio’s solutions are anchored on innovations in Distributed Deception combined with Software Defined Networking (SDN) and Artificial Intelligence (AI), enabling security teams to cut through the cycle of endless alerts and accelerate threat detection and investigation by focusing on high fidelity detections, while minimizing false positives.
“We are excited to partner with Acalvio to bring CrowdStrike Falcon® customers deception technology that extends the power of our platform by enabling deception-based autonomous threat detection. Endpoint defense from CrowdStrike integrated with deception-based threat detection and response from Acalvio provides a comprehensive security suite that customers need to address current and emerging threats,”
said Andy Horwitz, vice president of CrowdStrike Store.
The ShadowPlex Platform enables security teams to detect, investigate and remediate unknown threats using a rich variety of deceptions that integrate seamlessly into a customer’s network. Specific benefits of the ShadowPlex platform include:
- Effective Deception: Acalvio’s FluidDeceptionTM automatically presents attackers with a comprehensive set of realistic and non-fingerprintable decoys, lures, baits and breadcrumbs that blend in with an organization’s actual network and assets.
- Autonomous: DevOps for DeceptionTM facilitates dynamic and autonomous deployment of the most effective and relevant deceptions, thereby dramatically reducing the cost of operation.
- Simplified Scalability: DeceptionFarmsTM simplify the management of distributed deceptions across network topologies. ShadowPlex scales on multiple dimensions – a quantity of decoys; coverage of ROBO (remote offices/branch offices); and nature of workloads that need protection – IT and OT.
CrowdStrike provides deep insight into enterprise endpoint activity, using next-generation antivirus and endpoint detection and response (EDR). Acalvio ShadowPlex provides a new stream of high-fidelity and timely alerts based on dynamic deception. The combination provides a powerful capability that not only brings additional value to the data captured by CrowdStrike, but also enables deception-based autonomous threat hunting for finding dormant threats. The integration enables new capabilities within ShadowPlex, such as:
- Adversary Traversal Analysis: Identify the hosts compromised along the attacker’s path to the decoy
- Hypothesis testing: Deception-based active threat hunting to expose latent threats and confirm hypothesis
- Adversary Indicators of Attack (IOAs) View: Generate adversary IOAs based on comprehensive collection and analysis of attack tactics, techniques and procedures (TTPs), from high-interaction decoys and compromised enterprise hosts
“ShadowPlex is unique in its ability to detect malicious activity with precision and speed. CrowdStrike’s 1/10/60 rule: 1 minute to detect, 10 minutes to investigate and 60 minutes to remediate is a key imperative for all organizations to combat advanced threats. In an industry first, we have combined Deception Technology with EDR to provide (1) precise and timely detection via intelligently placed decoys, (2) sophisticated threat hunting and analytics to speed up investigation and gathering of TTPs, and (3) effective and comprehensive remediation. This combination delivers a complete and effective threat detection, engagement and remediation solution in the industry,”
Ram Varadarajan, co-founder & chief executive officer for Acalvio Technologies.
“Security solutions delivered from the cloud require a fundamentally different and modern architecture. ShadowPlex represents a Quantum Leap in Deception Technology in its Ease of Deployment, Detection Efficacy, Scalability, User Experience and API support. The integration of the CrowdStrike Falcon platform and Acalvio’s Autonomous Deception solution should be very well received by the marketplace,”
said Jack Poller, senior analyst at ESG Research.
Acalvio’s ShadowPlex application is available in the CrowdStrike Store today for Falcon platform customers.
Acalvio provides Advanced Threat Defense solutions to detect, engage and respond to malicious activity inside the perimeter for Enterprise IT and OT applications. The solutions are anchored on patented innovations in Dynamic Deception combined with SDN (Software Defined Networking) and Data Science. This enables a DevOps approach to deploying enterprise-scale pervasive deception, with low IT administrative overhead. Acalvio integrates with other ‘best in class’ solutions in the security industry, enabling customers to benefit from defense in depth; reduce false positives; and derive actionable intelligence for remediation. ShadowPlex is MSSP-ready and supports flexible deployment options: on-premises and From the Cloud. Acalvio has blue chip clients and partners; and is the recipient of 2018 Trust Award from SC Magazine and the RSA 2018 Innovation Sandbox Finalist Award. The Silicon Valley based company is led by an experienced team with a track record of innovation and market leadership and backed by marquee investors. For more information, please visit www.acalvio.com