An attacker uses a fake domain controller
(DC) as a way to retrieve employee password
data. It’s a dangerous form of a domain
replication attack known as DCSync.
ExtraHop Reveal(x) uses AI-powered threat
detection algorithms to compare the real
DC’s past behavior to the spurious new
actions, and fl ags them as suspicious.1 ALERT!
ADVERTISEMENT
YOU’RE A
TARGET
How bad is the damage? Reveal(x) quickly
reviews all the devices the fake DC connected
to in the past week.(^3) ASSESS THE DAMAGE
You lead a security team at an enterprise. Sophisticated
cyberattackers want to steal and sell your data and
the information you’ve been entrusted with by your
customers. Fast and accurate threat detection and
response are essential. Millions of dollars, your
reputation, and your customers’ trust are on the line.
COST OF A TYPICAL DATA BREACH:
U.S.
$8.19M
CANADA
$4.44M
GERMANY
$4.78M
FRANCE
$4.33M
JAPAN
$3.75M
AUSTRALIA
$2.13M
Your team initiates a fi rewall policy
update via Reveal(x) through API
integrations to isolate the fake DC
backup. The attacker is locked out from
grabbing the synced credentials.
(^2) HALT THE ATTACK
SOURCE: Cost of a Data Breach 2019, Ponemon Institute
Reveal(x)
provides up to
95 %
faster threat detection.
SOURCE: IDC