Solution Brief :
Attivo Networks BOTsink® Analysis Functions
The Attivo BOTsink® deception engagement server provides several analysis functions to accelerate incident response. The BOTsink deception server detects active compromises from APTs, malware, ransomware, MiTM, Active Directory, and insider threats in the network based on interaction with the deception platform and provides complete attack analysis and forensic evidence reporting. To help security analysts investigate incidents, gather forensic evidence, and analyze malware, the BOTsink provides the Attack Threat Analysis (ATA) engine and the Malware Analysis Sandbox (MAS).
This solution brief will go into more detail about the BOTsink and cover the following topics:
- Attack Threat Analysis
- Malware Analysis
- Phishing Email Analysis