Ridgeback repurposes and automates man-in-the-middle techniques for an active defensive posture,engaging the adversary at the most critical phase of the exploit – the reconnaissance phase. Ridgeback captures, modifies, drops, or injects Ethernet frames to detect and counter any threatening lateral movement in real-time and adapts it’s responses to active threats as they happen. Ridgeback is based on Patented and Patent pending innovations.

Why use packet injection?

o The best defense is a good offense.
o Ridgeback injects signals to better understand what is happening on the network.*
o Local injection lets Ridgeback ‘hack back’ automatically, legally and ethically.
o Attackers don’t have a playbook for responding to being attacked on site.

* The signals are trivially small so they do not impact operations, but they make a meaningful difference when they reach an attacker.

Situational Awareness +

Disruption +

Policy enforcement +

Active Countermeasures


Continuously Adaptive and Deterrent Network Security


Ridgeback runs in containers for scalability and high availability.

A central management interface controls Ridgeback across the entire network.

Each individual remote core (<1MB) can serve an entire network segment.