What is CryptoniteNXT?
A next generation, zero trust-based technology that prevents and contains a cyber-attack from within your enterprise network.
CryptoniteNXT is a network appliance that works in concert with your corporate firewall to inoculate your network against cyber attacks that may have penetrated your firewall (e.g. malware, zero day attacks, and insider threats). CryptoniteNXT is built on the principles of zero trust – never trust, always verify, and only provide need to know access. When installed, Cryptonite removes an adversary’s ability to execute entire categories of in-network attacks that are used to target high vulnerability environments.
Firewalls and intrusion detection systems are only one half of the cyber-security solution. Networks will eventually get penetrated and when that happens containment is critical.
In today’s porus networks, many attacks reach the network and are not contained or even detected for months. Installing CryptoniteNXT gives you the peace of mind that your network will remain inoculated against threats that may have slipped past your firewall. A Cryptonite protected network reduces your organizations risk against vulnerabilities in legacy software, overdue software updates and patches, and new threats posed by the proliferation of IoT and mobile devices. In addition to network protection, Cryptonite’s state-of-the-art analytics derived from packet level data also give your IT admin new actionable insights into your network vulnerabilities and threats.
With CryptoniteNXT, ransomware is unable to travel through the network or spread beyond the originally compromised computer.
Prev | Next
CryptoniteNXT contains attacks by eliminating the ability to view, manipulate, or move laterally through the network.
prev | Next
Partnerships and Interoperability
Out of the box integration with leading industry products and vendors.
How it works
Prevents reconnaissance, stops lateral movement, and contains cyberattacks and threats.
A CryptoniteNXT protected network uses the tactics of Deceive, Deny, and Defeat to implement a zero trust environment. Our device uses intelligent, packet level, credentials-based algorithms to dynamically morph the network mapping, eliminating an adversary’s visibility into a network thus preventing reconnaissance needed for lateral movement. In addition it uses software defined segmentation to determine if a packet should be permitted through the mapping, further containing the movement within the network. All this happens at the network layer, at line speeds, with no performance impact to a trusted and verified user or the application.
Explore the videos to learn more about CryptoniteNXT.
Stop Lateral Movement
Contain Cyberattackers & Insider Threats
CryptoniteNXT proactively shields your network from an attack.
Scanning and other forms of network discovery is ineffective.
Attackers become frustrated and the tools they developed or purchased are rendered useless, keeping your enterprise secure.
CryptoniteNXT masks the visibility of vulnerabilities.
CryptoniteNXT reduces the need to frantically identify and patch system vulnerabilities.
Network resources are protected from illegitimate access.
Attempts to misuse credentials, escalate privileges, and bypass network controls are ineffective against CryptoniteNXT.
Attackers can’t use spoofing to collect network information and credentials.
CryptoniteNXT defends your network from attackers impersonating the identity of legitimate endpoints.
Network topology is unusable in the planning of an attack.
Network topology discovered before or after the installation of CryptoniteNXT is not actionable information for purposes of planning an attack.
Software-defined segmentation prevents an attack from laterally moving through networks.
Malicious activity can not leave endpoints. The network is shielded from the spread of an attack and detection systems can now remove malware.
What people are saying about CryptoniteNXT
“CryptoniteNXT provides a defense-in-depth security layer to address the ever-increasing ransomware threat. The integration with Palo Alto provides seamless multifactor network authentication, bypassing any need for captive portal, even for Mac users.”
SVP, Technical Operations
Credit Card Processing Company
“CryptoniteNXT uniquely prevents adversaries from exfiltrating actionable information from networks. The other key capability is their fine-grained micro-segmentation which stops east-west traffic that has enabled the spread of ransomware.”
Principal at Gula Tech Adventures
“With this device implemented and configured correctly, identification and enumeration of hosts becomes an improbable attack vector.”
Security and Analytics, Pen Testing, Compliance
“We selected CryptoniteNXT to protect our enterprise network, as it prevents reconnaissance and the lateral movement of any attacks within the enterprise network. This solution closes a large gap in the current suite of cyber security tools that are currently available in the market.”
SENIOR DIRECTOR, INFORMATION TECHNOLOGY
“CryptoniteNXT’s moving target cyber defense keeps attackers out in the early stages of a cyber attack, disrupting their ability to perform reconnaissance and enumeration against their target which is critical to weapon/malware/exploit delivery. This provides defenders the advantage of time and intelligence collection against the adversary to adjust their defenses against adversary TTPs (tactics, techniques and procedures).”
ROBERT HUBER, CHIEF STRATEGY OFFICER
“Our company maintains sensitive information for our clients that is critical to their success. We selected CryptoniteNXT to protect our clients intellectual property and our reputation. CryptoniteNXT is an integral component of our cyber security strategy stopping the bad guys from uncovering weaknesses in our network and using them to steal proprietary assets from our customers and our company. ”
CHIEF OPERATING OFFICER
Public Affairs Company
“…CryptoniteNXT successfully prevented the network from being enumerated and traced. Standard scanning and spoofing tools provided no actionable intelligence about the protected network.”
Network Security Research & Development