Symantec Corp. announced the acquisition of Javelin
Networks, a privately held company that offers advanced software
technology to defend enterprises against Active Directory-based attacks.
Microsoft Active Directory (AD) services have become an increasingly
popular target for attackers, who use AD reconnaissance to discover the
users, servers and computers in an enterprise network and then move
laterally across the network using this information to carry out
multi-stage attacks. Recently, multiple major advanced persistent threat
(APT) campaigns have
used AD credentials to move laterally in the network beginning with
a single compromised endpoint. This challenge is pervasive, as a large
number of enterprises worldwide use AD services to manage their users,
applications, and computers.
To counter those threats, Javelin Networks was founded by Red Team
post-exploitation experts with a mission to protect every machine in the
world connected to Active Directory. They developed software to protect
AD and commonly-used domain resources, including domain controllers,
domain identities, and domain credentials. Javelin Networks' advanced
technology can detect AD misconfigurations and backdoors and help
prevent AD reconnaissance and credentials misuse by authorized devices
and applications.
Starting today, the Javelin Networks team and its technology is part of
Symantec's endpoint security business. The privately held company was
founded in 2014 and has employees based in Israel and the U.S. The
company's AD | Protect and AD | Assess products have won several
industry awards from SC Magazine and others.
"In the cloud generation, identity management services, such as Active
Directory, are a critical part of a user's interaction with their
organization's applications and services. They are also a critical
information repository that attackers regularly exploit," said Javed
Hasan, senior vice president of endpoint and data center products,
Symantec. "The addition of Javelin Networks technology to our
industry-leading endpoint security portfolio gives Symantec customers a
unique advantage in one of the most vulnerable and critical areas of IT
infrastructure. Most importantly, it can help expose exploitable
backdoors in AD and stop attacks at the point of breach while preventing
lateral movement."
This acquisition further strengthens the industry's most comprehensive endpoint
security stack in a single-agent architecture. As one of four
critical control points of the company's Integrated
Cyber Defense Platform, Symantec Endpoint Protection (SEP) helps
customers meet the challenges of the cloud generation by simplifying and
optimizing their environments, helping to lower costs, and improving
security.
Over the past two years, Symantec has made significant investments to
bring innovation to its endpoint security portfolio, further enhancing
the company's ability to protect the broadest spectrum of modern
endpoints and operating systems (e.g. iOS, Android). Symantec furthered
its commitment to endpoint innovation with the acquisition of Appthority
, a privately held company that offers comprehensive Mobile Application
Security Analysis. Recent product additions to Symantec's endpoint
security portfolio include SEP Hardening Application Isolation,
deception and Targeted Attack Analytics. Adding Javelin technology
strengthens Symantec's endpoint controls offering, further enhancing the
company's ability to protect modern and traditional endpoints (e.g. iOS,
Android) from a single vendor and extending its leadership in endpoint
security (Symantec is named a leader in the latest Gartner
Magic Quadrant for Endpoint Protection Platforms and Forrester
Wave for Endpoint Security Suites, and AV-Test
Institute Best Protection Awards).