Get A DemoContact Us
Request a Demo
NUMBER OF EMPLOYEES
FEDERAL ENTITY
COUNTRY
I'M INTERESTED IN
 
 
AD | Protect
All Domain Intrusion Detection,
Investigation, and Containment
Stop Credential Theft.
Stop Reconnaissance.
Learn more

Stop Lateral Movement.
Learn more
Control the attacker's perception autonomously at the endpoint with no agent, and identify the Dark Corners the attacker favors.
 
1
Immediate Detection
Achieve definitive alerts on post-exploitation activity—the most important part of the breach—to stop reconnaissance, credential theft, and lateral movement.
3
Autonomous Investigation
Obtain relevant artifacts automatically before an attacker can erase them, reducing time and effort to investigate the breach.
 
2
Infinite Scale
Scalable coverage across all assets in an enterprise organization without impacting the Active Directory or endpoint.
4
Autonomous containment
Real-time response based on true positive signals to stop the attacker when it matters the most.
 
Request an AD|Protect Demo or download the PDF
"The rules of attack, as well as detection and response, are unique and different for a
Domain Network
."
- Roi Abutbul, CEO
 
1
Control the Attacker’s Perception
Detect Patient Zero.

Attackers leverage Active Directory just like the old Yellow Pages. On the breached endpoint, simple queries with functions like ADSIsearcher provide them with every user account, server, and application service in the domain.

AD|Protect infinitely obfuscates this data on every endpoint with no agent using Native Language Processing ML algorithm to learn and continuously adjust to the real topology of the environment. The result appears completely natural, including any attributes that the attacker could query. Items like credentials stored on each endpoint are also covered in the process.

This process is non-disruptive to the business and user base. With no friction, end users are unaware of AD|Protect, and there is no performance impact. The admin and applications are also unaffected.
 
2
Real-Time APT Detection
Reduce risk.

Javelin AD|Protect is not bound by the traditional methodology of “detection based on discovery.” Known or unknown malware, zero day exploits, and exe-based or fileless attacks are irrelevant to detection. AD|Protect will identify tradecraft during the most crucial phase of the kill chain: when an attacker has compromised an endpoint. Javelin AD|Protect becomes aware as an attacker attempts to navigate the obfuscated topology or even pings one.

At this point, an automated response is invoked to include Automated Investigation and real-time breach containment. The platform detects the attacker’s method of credential theft, reconnaissance, and lateral movement.

Alerting is available through several methods such as email and syslog (native or CEF), which can be fed to your SIEM or Splunk.

 
3
Automated Investigation
Orchestrate response.

Javelin AD|Protect provides an agentless solution that automatically pulls forensics from memory on a compromised host. Regardless of how the machine was compromised, Javelin provides the relevant details of what has occurred in memory on the host, including the shell commands that were running. Javelin’s methodology allows for a very focused analysis, called Smart IOC Analysis, reducing the time for responders to review and understand what has occurred.

 
4
Real-Time Breach Containment
Reduce risk.

Javelin AD|Protect is the only agentless solution that immediately contains attackers after they compromise a machine, preventing them from using Active Directory and moving laterally into the network. Javelin greatly reduces the effort, time, and error involved in detecting and containing a breach. As the attacker tries to move, an orchestrated response is enacted. The attacker will not be able to move laterally through the network as patient zero is contained.

 
5
Threat Hunting with IOCs
Reduce attack surface and risk simultaneously.

Searching for IOCs across the environment and applying reverse IR methods specifically designed for a corporate domain environment, Javelin determines if the attack is just a local incident or part of a larger effort across the organization. This information is used to drive intelligence back into the security program.

 
Who is protecting your Domain Network?
Request a Demo
NUMBER OF EMPLOYEES
FEDERAL ENTITY
COUNTRY
I'M INTERESTED IN
 
 
Request a Demo
NUMBER OF EMPLOYEES
FEDERAL ENTITY
COUNTRY
I'M INTERESTED IN