Ridgeback plays offense by actively shifting the burden of the exploit back onto the attacker, to maximize the cost of attack to the attacker, so you control the outcome.
Ridgeback assumes the perimeter has been breached. Ridgeback ensures the initial breach won’t lead to any further harm by denyingthe adversary information, arresting the adversary’s lateral movement, and counter-engaging threats to extinguish them from your network – automatically and in real time.
Ridgeback’s “Man in the Middle Defense” injects, modifies, and drops ethernet frames, as needed, to influence adversary behavior. By dynamically changing in real time what an adversary observes Ridgeback influences the adversary’s behavior.
Ridgeback does not use data science, apply rules or require databases of known threats, so it produces no false positives, and it is easy to install, deploy and manage. In fact, there is no burden on the live network or on your compute resources.
See attacks as and when they happen.
Threats are instantly and automatically removed from the network.
Ridgeback communicates to the adversary the availability of BILLIONS of connection opportunities to phantom endpoints.
Any interaction with any phantom resource triggers counter-engagement.
Enterprise network, and normal traffic is entirely unencumbered. The attacker is instantly isolated from the network.
Ridgeback re-writes packets on Layer 2 traffic to simulate resources and counter-engage intercepted traffic
No actual resources are needed or created.
The attacker experiences an impossible challenge and is eliminated from the network.
THE EXPERIENCE OF ‘OPERATING’ RIDGEBACK
Ridgeback is designed to work autonomously and to be managed using its graphical user interface, or to integrate easily with other tools.
It should take about an hour to have Ridgeback up and running. There’s also nothing to change on the live network, and no agents to install on endpoints. Ridgeback can operate on a physical network or on a virtual network. The only requirement is that Ridgeback has access to layer 2 network traffic.
Ridgeback software is installed on one server or Virtual Machine connected to the network switch. Every asset or resource visible to Ridgeback falls instantly into the protective envelope of Ridgeback phantoms.
You’ll have Ridgeback up and running in short order. A trial can test Ridgeback in your environment in hours or days.
Ridgeback is designed to be managed using our interface, or can easily be integrated with other tools, like SIEMs.
Built in integration points: RESTful Interface | Log File | Syslog | SQLite Database | Watchdog Process | Dashboard Widgets | Processor Plugins | Script Library
Ridgeback can be configured to provide any kind of alerts or countermeasures that fit your security strategy and and security policies. It can operate in complete manual mode giving the security team clear alerts on breaches or work in 100% autonomous mode, deploying countermeasure, including host isolation, in real-time.
VISIBILITY | NO FALSE POSITIVES | ONE INTERFACE
Ridgeback is a standalone software product that can protect an entire subnet using a standard deployment. The standard deployment is the simplest type, requiring little to no configuration of Ridgeback and no configuration for the network being protected.
Ridgeback can operate on a physical network or on a virtual network. The only requirement is that the Ridgeback installation have access to the layer 2 network traffic.
Stops inside/lateral security threats
Reduces Expense – both product and personnel (High ROI)
Complements or replaces many solutions
Real time remediation
Defeat data theft
Up and running in 15 minutes
Immediate situational awareness
Easy to manage – network, not endpoints
Automatic host isolation – threats automatically removed
Integration with SIEM or other tools
“One instance of Ridgeback can automatically deploy hundreds of millions of phantoms throughout your network. All of those phantom assets consume no extra resources and you do not have to manage them at all. Ridgeback does all the work for you.”