Logo of Acalvio, a leading company in cyber deception technology

Acalvio ShadowPlex Active Defense, built on ShadowPlex Autonomous Deception platform, provides early detection of cyber threats with precision and speed. ShadowPlex is built on 25+ issued patents and leverages AI to make deployment and management of deception autonomous. Based on unique DeceptionFarms® architecture, ShadowPlex Active Defense delivers distributed deception at enterprise scale, across on-premises, OT and Cloud workloads. Advanced Threats have evolved to living-off-the-land, file-less, malware-less, becoming stealthier and persistent, making them very hard to detect. ShadowPlex Active Defense combines breakthrough Deception Technology with Advanced Analytics, to detect and respond to such advanced threats.

Wide Range of Support

Customized Deception for IT & OT Networks Covers On-Premises & Cloud workloads and Remote Users

Advanced threat defense in IT network system

On-Premises
IT Networks

Advanced threat protection in OT/ICS Networks

OT/ICS
Networks

Advanced threat defense in Google cloud, AWS, Azure

Cloud
Workloads

Advance threat protection for people working remotely

Remote
Users

Comprehensive Deception Palette

ShadowPlex provides a variety of deceptions to cast a wide net to arrest threats before they can cause harm.The deception types span Decoys that are added to the network, Breadcrumbs that are deployed on existing enterprise assets, Baits that act as tripwires on endpoints and Lures that are deliberately mis-configured or vulnerable services or applications that can be effectively used in ferreting latent threats. The extensible framework allows customers to add new deception types.

ShadowPlex deception palette for active threat defense

Flexible Deployment Options

Acalvio ShadowPlex deception deployment from cloud to on-premises for advanced threat protection

Cloud to On-Premises

Easy deployment from your
favorite cloud provider

Acalvio ShadowPlex deception deployment from on-premises to on-premises network for advanced threat protection

On-Premises to On-Premises

On-premises hosting of our cloud-scalable
deception platform

Acalvio ShadowPlex deception deployment from cloud to cloud network for advanced threat protection

Cloud to Cloud

Protect cloud workloads with deceptions
delivered from the cloud

Field customizable and extensible deception deployment for active threat defense

Field Customizable and Extendable

Agentless Endpoint Deception Deployment and Refresh

  • Breadcrumbs/baits automatically configured and personalized for every individual host
  • No footprint left behind on assets. Ensures no additional attack surface and no fingerprints
  • Breadcrumbs and Baits periodically updated to keep fresh and dynamic

Deception Operationalized by Artificial Intelligence

AI Integrated into Every Step

Design of deception for advanced threat protection

Ease of Use

Active Defense against Identity Attacks

Effective Deception

Blended and Relevant Deception for every subnet
and every endpoint

Use Cases

Detection of Endpoint Exploits and Lateral Movement

  • Deploy a comprehensive layer of deception across endpoints and enterprise network to detect attacks, even zero-day exploits

Protection Against Ransomware Attacks

  • Specialized Deceptions to detect known and zero-day ransomware

Detection of LLMNR Poisoning

  • Automatic LLMNR requests to detect poisoning attempts

Comprehensive Active Directory Protection

  • Protect the Production Domain at an early stage of attack and also against advanced AD Attacks

Protection of Key Assets

  • Specialized Deceptions and Analytics to protect key assets in the Enterprise network

Log4Shell Protection

  • Provides visibility into vulnerable assets and detects exploit attempts
Auto-triaging of Acalvio's ShadowPlex detection events

Auto-triaging of ShadowPlex Detection Events

  • Leverages multiple data sources and advanced analytics to auto-triage all deception events.
  • Auto-triaging ensures only high-fidelity detection incidents are highlighted and forwarded to the SIEM, SOAR or IR platforms.
  • Maps to MITRE ATT&CK Framework and covers MITRE Engage

Powerful Response Capabilities

Automated and real-time quarantine of endpoints

Automated and Real-time Quarantine of endpoints

Engage with just-in-time high-interaction decoys for advanced threat protection

Engage with just-in-time high-interaction decoys

Divert attacker using dynamic deception

Divert / Slow-down Attacker using Dynamic Deception

Integration with Security Ecosystem

ShadowPlex integrates with a wide range of solutions such as SOAR, SIEM, EDR, AD, Network Management Solutions, Email Servers, Software Management Solutions (such as SCCM, Chef, Puppet, and other platform-specific tools) among other solutions. ShadowPlex leverages integrations with these defense systems for network discovery, gathering forensic data from endpoints, breadcrumb and bait deployment on network endpoints and assets, as well as for automated response.

Acalvio ShadowPlex advanced threat protection integrates with the existing security ecosystem

Next Steps

Explore our patented technologies to enable Active Defense and Identity Protection in your enterprise.

Loading...