Ridgeback plays offense by actively shifting the burden of the exploit back onto the attacker, so you control the outcome.
Ridgeback assumes the perimeter has been breached. Ridgeback ensures the initial breach won’t lead to any further harm by denying the adversary information, arresting the adversary’s lateral movement, and counter-engaging threats to extinguish them from your network – automatically and in real time.
Ridgeback’s “man in the middle defense” injects, modifies, and drops ethernet frames, as needed, to influence adversary behavior. Dynamically changing in real time what an adversary observes allows Ridgeback to influence the adversary’s behavior.
Ridgeback does not use data science, apply rules or require databases of known threats, so it produces no false positives, and it is easy to install, deploy and manage. In fact, there is no burden on the live network or on your compute resources.
See attacks as and when they happen.
Threats are immediately removed from the network.
Ridgeback Intermingles real endpoints with BILLIONS of phantom endpoints
Any interaction with any phantom resource triggers counter-engagement
Enterprise network, and normal traffic is entirely unencumbered. Attacker is instantly isolated from the network.
Ridgeback re-writes packets on Level 2 traffic to simulate resources and counter-engage
Traffic intercepted, modified on the network layer. No actual resources needed/created.
Attacker experiences and impossible challenge and is eliminated from the network.
THE EXPERIENCE OF ‘OPERATING’ RIDGEBACK
Ridgeback is designed to work in autonomous mode and be managed using our interface, or easily integrated with other tools.
It should take about an hour to have Ridgeback up and running. There’s also nothing to change on the live network, and no agents to install on endpoints. Ridgeback can operate on a physical network or on a virtual network. The only requirement is that Ridgeback has access to layer 2 network traffic.
Ridgeback software is installed on one server or Virtual Machine connected to the network switch. Every asset or resource within that network segment falls instantly into the protective envelope of Ridgeback phantoms.
You can be confident you’ll have Ridgeback up and running in short order. A trial can establish Ridgeback acts the way you expect in hours or days.
Ridgeback is designed to be managed using our interface, or easily integrated with other tools, like SIEMs.
Built in integration points:
RESTful Interface | Log File | Syslog | SQLite Database | Watchdog Process | Dashboard Widgets | Processor Plugins | Script Library
Ridgeback can be configured to provide any kind of alerts or countermeasures that fit your security strategy and and security policies. It can operate in complete manual mode giving the security team clear alerts on breaches or work in 100% autonomous mode, deploying countermeasure, including host isolation, in real-time.
VISIBILITY / NO FALSE POSITIVES / ONE INTERFACE
Ridgeback Hunter is a standalone software product that can protect an entire subnet using an auxiliary deployment. The auxiliary deployment is the simplest type, requiring little to no configuration of Ridgeback and no configuration for the network being protected.
Ridgeback Hunter also can be deployed inline to provided additional point defense for a high-value resource.
Ridgeback Hunter can operate on a physical network or on a virtual network. The only requirement is that the Ridgeback installation have access to the layer 2 network traffic.
Stops inside/lateral security threats
Reduces Expense (High RoI)
Complements or replaces many solutions
Return of control and confidence
Up and running in 10 minutes
Immediate situational awareness
Easy to manage – network, not endpoints
Threats immediately removed
Integration with SIEM or other tools
“With one instance of Ridgeback, you can automatically deploy hundreds of millions of mousetraps throughout your network. With two Ridgebacks you can deploy billions of mousetraps. All of those phantom servers consume no extra resources and you do not have to manage them at all. Ridgeback does all the work for you.”
To learn more about Ridgeback deployment options, scaling across the enterprise, management and integration with existing security infrastructure (e.g. SIEMs), please contact us or download the Ridgeback Technical White Paper.