Attivo Networks BOTsink® Analysis Functions

The Attivo BOTsink® deception engagement server provides several analysis functions to accelerate incident response. The BOTsink deception server detects active compromises from APTs, malware, ransomware, MiTM, Active Directory, and insider threats in the network based on interaction with the deception platform and provides complete attack analysis and forensic evidence reporting. To help security analysts investigate incidents, gather forensic evidence, and analyze malware, the BOTsink provides the Attack Threat Analysis (ATA) engine and the Malware Analysis Sandbox (MAS).

This solution brief will go into more detail about the BOTsink and cover the following topics:

  • Attack Threat Analysis 
  • Malware Analysis
  • Phishing Email Analysis

To read more, please fill out the form and the full assesment will be sent to your email address.

Additional Resources

Here are some resources that have recently been downloaded by other professionals. 

Introduction to Deception Technology and Attivo Networks

A brief introduction to deception technology and the Attivo Networks Deception and Response Platform