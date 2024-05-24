Acalvio ShadowPlex Identity Protection Description

Acalvio ShadowPlex Identity Protection is a deception-based Identity Threat Detection and Response (ITDR) solution that detects credential misuse, privilege escalation, and lateral movement through AI-generated deceptive assets. The platform deploys decoy honey accounts in Active Directory, Azure AD, and cloud directories that trigger alerts when attackers interact with them. The solution uses targeted honeytokens—AI-created credential artifacts placed in memory, OS caches, cloud workloads, and applications—to detect reconnaissance and credential theft without modifying identity stores. Deceptive privileged credentials are planted in endpoints and cloud environments to expose privilege escalation attempts. ShadowPlex provides Identity Attack Surface Management capabilities that map exposed identity assets across endpoints, cloud, and Active Directory environments. The platform analyzes attacker queries and behavior targeting AD environments, correlating deceptive activity with Active Directory signals to improve detection accuracy. The solution monitors deceptive assets across identity systems to detect unauthorized access attempts, including lateral movement and privilege escalation. It generates high-confidence alerts with contextual information to reduce alert fatigue and accelerate incident response. The platform operates without disrupting production identity infrastructure or requiring modifications to existing IAM, PAM, or MFA solutions.