Acalvio ShadowPlex Active Defense, built on ShadowPlex Autonomous Deception platform, provides early detection of cyber threats with precision and speed. ShadowPlex is built on 25+ issued patents and leverages AI to make deployment and management of deception autonomous. Based on unique DeceptionFarms® architecture, ShadowPlex Active Defense delivers distributed deception at enterprise scale, across on-premises, OT and Cloud workloads. Advanced Threats have evolved to living-off-the-land, file-less, malware-less, becoming stealthier and persistent, making them very hard to detect. ShadowPlex Active Defense combines breakthrough Deception Technology with Advanced Analytics, to detect and respond to such advanced threats.
Wide Range of Support
Customized Deception for IT & OT Networks Covers On-Premises & Cloud workloads and Remote Users
Comprehensive Deception Palette
ShadowPlex provides a variety of deceptions to cast a wide net to arrest threats before they can cause harm.The deception types span Decoys that are added to the network, Breadcrumbs that are deployed on existing enterprise assets, Baits that act as tripwires on endpoints and Lures that are deliberately mis-configured or vulnerable services or applications that can be effectively used in ferreting latent threats. The extensible framework allows customers to add new deception types.
Flexible Deployment Options
Cloud to On-Premises
Easy deployment from your
favorite cloud provider
On-Premises to On-Premises
On-premises hosting of our cloud-scalable
Cloud to Cloud
Protect cloud workloads with deceptions
delivered from the cloud
Field Customizable and Extendable
Agentless Endpoint Deception Deployment and Refresh
- Breadcrumbs/baits automatically configured and personalized for every individual host
- No footprint left behind on assets. Ensures no additional attack surface and no fingerprints
- Breadcrumbs and Baits periodically updated to keep fresh and dynamic
Design of Deception from Deployment of Deception
Ease of Use
Active Defense against Identity Attacks
Blended and Relevant Deception for every subnet
and every endpoint
Detection of Endpoint Exploits and Lateral Movement
- Deploy a comprehensive layer of deception across endpoints and enterprise network to detect attacks, even zero-day exploits
Protection Against Ransomware Attacks
- Specialized Deceptions to detect known and zero-day ransomware
Detection of LLMNR Poisoning
- Automatic LLMNR requests to detect poisoning attempts
Comprehensive Active Directory Protection
- Protect the Production Domain at an early stage of attack and also against advanced AD Attacks
Protection of Key Assets
- Specialized Deceptions and Analytics to protect key assets in the Enterprise network
Auto-triaging of ShadowPlex Detection Events
- Leverages multiple data sources and advanced analytics to auto-triage all deception events.
- Auto-triaging ensures only high-fidelity detection incidents are highlighted and forwarded to the SIEM, SOAR or IR platforms.
- Maps to MITRE ATT&CK Framework and covers MITRE Engage
Powerful Response Capabilities
Automated and Real-time Quarantine of endpoints
Engage with just-in-time high-interaction decoys
Divert / Slow-down Attacker using Dynamic Deception
Integration with Security Ecosystem
ShadowPlex integrates with a wide range of solutions such as SOAR, SIEM, EDR, AD, Network Management Solutions, Email Servers, Software Management Solutions (such as SCCM, Chef, Puppet, and other platform-specific tools) among other solutions. ShadowPlex leverages integrations with these defense systems for network discovery, gathering forensic data from endpoints, breadcrumb and bait deployment on network endpoints and assets, as well as for automated response.
Explore our patented technologies to enable Active Defense and Identity Protection in your enterprise.