Get A DemoContact Us
Request a Demo
Required
Required
Required
NUMBER OF EMPLOYEES
×
FEDERAL ENTITY
×
*COUNTRY
×
I'M INTERESTED IN
×
 
 
 
Javelin-Networks
AD | Protect
For HealthCare
Active Directory
The Root of Domain Compromise
The adage “assume breach” drives awareness that attackers will find a way onto an endpoint in the Domain. After establishing control on an endpoint, they are looking for ways to create persistence that will enable their campaign, and then execute when the time is perfect.
USE CASE
Global healthcare client identifies undetected threats utilizing Acitve Directory
ISSUE
  • Client had performance issues on network with domain controllers peaked performance dampening productivity.
  • Javelin Networks ADProtect was deployed alongside Cylance AV and CyFIR EDR products.
  • Javelin immediately identified lateral movement using Active Directory credentials by file-less malware spreading across the domain where AV and EDR tools could not.
APPROACH
  • Javelin Networks employed advanced forensic methodologies to identify lateral movement and credential theft.
  • Javelin ADProtect tricked malware into giving itself away to the SOC and IR Teams, allowing for immediate containment of compromised processes and hardening against future threats.
 
VALUE DELIVERED
  • Javelin ADProtect reduced response time from weeks to minutes by automating identification, forensics, and containment.
 
Active Directory as the ultimate countermeasure
Javelin AD|Protect turns Active Directory into an Intrusion Detection and Containment system. Using an advanced, Domain forensic methodology, AD|Protect controls the attacker’s perception and uses it against them.
Capture Patient Zero
Letting an attacker roam an environment from Patient Zero yields full Domain compromise, putting every asset and enlisted at risk. By using the attacker’s perspective against them, Javelin AD|Protect automates the discovery of Patient Zero.
Shorten containment time
Counterintelligence can shorten containment time, allowing for a strong defensive position to protect core assets. Using Domain-specific incident response methodologies, an autonomous capability launches forensics for memory and file system artifacts.
 
Reduce alert fatigue
Increasing cyber resilience will raise the cost for the attacker, discourage additional attacks, and allow responders to study advancement in the attacker’s breach tactics. Near real-time containment at the point of breach in the Domain will decrease collateral damage and improve resource utilization by reducing alert fatigue.
Reduce attack surface
Attackers leave backdoors and hooks in the Domain that are used to persist privileges and exploit Active Directory. AD|Protect uncovers attacks in progress and evidence left behind to mitigate risk in real-time, all the time.
 
Javelin vs Microsoft ATA
This video demonstrates a common Domain attack and the results from both Javelin AD|Protect and Microsoft ATA.
PLAY VIDEOarrow
Javelin vs. APT28
PLAY VIDEOarrow
Javelin vs. Olympic Destroyer
PLAY VIDEOarrow
Javelin vs. Empire Deathstar
PLAY VIDEOarrow
Javelin vs. Bloodhound
PLAY VIDEOarrow
Javelin vs. Duqu 2.0
PLAY VIDEOarrow
JAVELIN AD|PROTECT RESOURCES
pdf
What is Javelin AD|Protect?
Datasheet
pdf
Active Directory Attack Simulation
Datasheet
pdf
Active Directory: Exposed by Design
Whitepaper
pdf
Endpoint Obfuscation vs. Distributed Deception
Whitepaper
pdf
11 Commands to Compromise the Domain
Whitepaper
pdf
How Does AD|Protect Work?
Whitepaper
Request a Demo
Required
Required
Required
NUMBER OF EMPLOYEES
×
FEDERAL ENTITY
×
*COUNTRY
×
I'M INTERESTED IN
×
 
 
 
  • AUSTIN OFFICE
  • 201 W. 5th Street
  • Austin, TX
  • USA
  • Call us
  • 1-888-867-5179
  • PALO ALTO
  • 550 California Ave
  • Palo Alto, CA
  • USA
  • Call us
  • 1-888-867-5179
  • ©2018 Javelin Networks Inc. All Rights Reserved
Request a Demo
Required
Required
Required
NUMBER OF EMPLOYEES
×
FEDERAL ENTITY
×
*COUNTRY
×
I'M INTERESTED IN
×