Zero Trust

A smarter way to defend your network


Schedule a Demo

What is CryptoniteNXT?

A next generation, zero trust-based technology that prevents and contains a cyber-attack from within your enterprise network.

CryptoniteNXT is a network appliance that works in concert with your corporate firewall to inoculate your network against cyber attacks that may have penetrated your firewall (e.g. malware, zero day attacks, and insider threats). CryptoniteNXT is built on the principles of zero trust – never trust, always verify, and only provide need to know access. When installed, Cryptonite removes an adversary’s ability to execute entire categories of in-network attacks that are used to target high vulnerability environments.

 

Why CryptoniteNXT?

Firewalls and intrusion detection systems are only one half of the cyber-security solution. Networks will eventually get penetrated and when that happens containment is critical.

In today’s porus networks, many attacks reach the network and are not contained or even detected for months. Installing CryptoniteNXT gives you the peace of mind that your network will remain inoculated against threats that may have slipped past your firewall. A Cryptonite protected network reduces your organizations risk against vulnerabilities in legacy software, overdue software updates and patches, and new threats posed by the proliferation of IoT and mobile devices. In addition to network protection, Cryptonite’s state-of-the-art analytics derived from packet level data also give your IT admin new actionable insights into your network vulnerabilities and threats.
CN_Diagram_Mobile_V4
CN_Diagram_Tablet_V1
howitworks-small1.1.1.41.1.1.41.1.1.4Username:Network1Password:T*92#4$@1

Contains
Ransomware
With CryptoniteNXT, ransomware is unable to travel through the network or spread beyond the originally compromised computer.

Prev | Next
 Watch Video
Prevents
Spoofing &
Lateral Movement
CryptoniteNXT contains attacks by eliminating the ability to view, manipulate, or move laterally through the network.

prev | Next
 Watch Video
Prevents
Reconnaissance
CryptoniteNXT keeps attackers from enumerating your network and leveraging known or zero-day vulnerabilities.

Prev | NEXT
 Watch Video

 
 

Partnerships and Interoperability

Out of the box integration with leading industry products and vendors.

How it works

Prevents reconnaissance, stops lateral movement, and contains cyberattacks and threats.

A CryptoniteNXT protected network uses the tactics of Deceive, Deny, and Defeat to implement a zero trust environment. Our device uses intelligent, packet level, credentials-based algorithms to dynamically morph the network mapping, eliminating an adversary’s visibility into a network thus preventing reconnaissance needed for lateral movement. In addition it uses software defined segmentation to determine if a packet should be permitted through the mapping, further containing the movement within the network. All this happens at the network layer, at line speeds, with no performance impact to a trusted and verified user or the application.

Explore the videos to learn more about CryptoniteNXT.

DECEIVE
Prevent Reconnaissance

DENY
Stop Lateral Movement

DEFEAT
Contain Cyberattackers & Insider Threats

Key Benefits

CryptoniteNXT proactively shields your network from an attack.

Scanning and other forms of network discovery is ineffective.

Attackers become frustrated and the tools they developed or purchased are rendered useless, keeping your enterprise secure.

CryptoniteNXT masks the visibility of vulnerabilities.

CryptoniteNXT reduces the need to frantically identify and patch system vulnerabilities.

 

CryptoniteNXT stops attacks automatically, and in real-time.

Attacks are stopped without human intervention and CryptoniteNXT captures detailed information regarding the failed attempts and forwards that information to your security team for further investigation.

Network resources are protected from illegitimate access.

Attempts to misuse credentials, escalate privileges, and bypass network controls are ineffective against CryptoniteNXT.

Attackers can’t use spoofing to collect network information and credentials.

CryptoniteNXT defends your network from attackers impersonating the identity of legitimate endpoints.

 

Unauthorized actions are immediately denied.

Unauthorized actions are automatically and immediately denied and logged as potential threats pointing to a specific user and device to efficiently identify the source of the attack.

Network topology is unusable in the planning of an attack.

Network topology discovered before or after the installation of CryptoniteNXT is not actionable information for purposes of planning an attack.

Software-defined segmentation prevents an attack from laterally moving through networks.

Malicious activity can not leave endpoints. The network is shielded from the spread of an attack and detection systems can now remove malware.

Software-defined segmentation limits the lateral movement of an attack.

Software-defined segmentation limits the lateral movement of an attack through specific policies set up for each user, device or process in the system. Threats are contained immediately and automatically at the point of attack.

What people are saying about CryptoniteNXT

  • CryptoniteNXT’s moving target cyber defense keeps attackers out in the early stages of a cyber attack, disrupting their ability to perform reconnaissance and enumeration against their target which is critical to weapon/malware/exploit delivery. This provides defenders the advantage of time and intelligence collection against the adversary to adjust their defenses against adversary TTPs (tactics, techniques and procedures).

    ROBERT HUBER, CHIEF STRATEGY OFFICER
    Eastwind Networks

  • “CryptoniteNXT uniquely prevents adversaries from exfiltrating actionable information from networks. The other key capability is their fine-grained micro-segmentation which stops east-west traffic that has enabled the spread of ransomware.”

    RON GULA
    Principal at Gula Tech Adventures

  • “With this device implemented and configured correctly, identification and  enumeration of hosts becomes an improbable attack vector.”

    RAPID 7
    Security and Analytics, Pen Testing, Compliance

  • We selected CryptoniteNXT to protect our enterprise network, as it prevents reconnaissance and the lateral movement of any attacks within the enterprise network. This solution closes a large gap in the current suite of cyber security tools that are currently available in the market.

    SENIOR DIRECTOR, INFORMATION TECHNOLOGY
    Defense Contractor

  • Our company maintains sensitive information for our clients that is critical to their success. We selected CryptoniteNXT to protect our clients intellectual property and our reputation. CryptoniteNXT is an integral component of our cyber security strategy stopping the bad guys from uncovering weaknesses in our network and using them to steal proprietary assets from our customers and our company.  

    CHIEF OPERATING OFFICER
    Public Affairs Company

  • “…CryptoniteNXT successfully prevented the network from being enumerated and traced. Standard scanning and spoofing tools provided no actionable intelligence about the protected network.”

    NICK EVANCICH
    Network Security Research & Development

  • “CryptoniteNXT provides a defense-in-depth security layer to address the ever-increasing ransomware threat.  The integration with Palo Alto provides seamless multifactor network authentication, bypassing any need for captive portal, even for Mac users.”

    SVP, Technical Operations
    Credit Card Processing Company