Name: BOTsink (Legacy)
Rating: 4.7 (37 reviews)

Overview

Product Information on BOTsink (Legacy)

Updated 13th October 2025

What is BOTsink (Legacy)?

BOTsink (Legacy) is a software designed to function as a deception platform that helps organizations detect and respond to cyber threats by deploying decoys and traps within a network environment. The software presents attackers with false assets, such as emulated devices and data, to lure threats away from critical systems and observe malicious activities without risking operational systems. BOTsink (Legacy) features automated threat detection, analysis, and alerting capabilities in order to provide security teams with timely information on intrusion attempts and attacker behavior. This software addresses the business problem of identifying security breaches early, reducing the risk of data compromise, and providing actionable intelligence to support incident response strategies.

Overall experience with BOTsink (Legacy)

SR. TM

50M - 250M USD, IT Services

FAVORABLE

“"Attivo Network Threat Deception"”

5.0

Nov 22, 2022

It provides extensive attack analysis and adequate visibility into attacker's lateral movement.

Network Engineer

50M - 250M USD, Manufacturing

CRITICAL

“Purchased and am quickly replacing”

2.0

Jan 9, 2020

Horrible experience with installing and administering a BotSink 5100. Worked for almost a year with Attivo to get things working, still having issues. Codebase we're on is so buggy it was removed from their website, but the provide no options for downgrading.

About Company

Company Description

SentinelOne provides autonomous security solutions for various IT environments. The company's main focus is on endpoint security, cloud security, and identity security. It operates on an AI-powered platform that brings prevention, detection, response, remediation, and forensics under one umbrella. The endpoint security product uses artificial intelligence to constantly adapt to new threats, offering real-time protection and automated response. The key principle of SentinelOne's security approach is to allow organizations to detect harmful behavior across multiple vectors, rapidly eliminate threats with an integrated response, and continuously adapt defenses against advanced cyber attacks. The company also provides a range of services such as threat hunting, incident response, and incident management.

Company Details

Company type

Public

Year Founded

2013

Head office location

Mountain View, United States

Number of employees

1001 - 5000

Website

http://www.sentinelone.com

Do You Manage Peer Insights at SentinelOne?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: BOTsink (Legacy)

Deciding Factors: BOTsink (Legacy) Vs. Market Average

Performance of BOTsink (Legacy) Across Market Features

BOTsink (Legacy) Likes & Dislikes

Proactive, real-time alerts details and provides early detection from threats & attacks. AD query visibility, AD live attacks, target reconnaissance. Customization of Decoys as per the infrastructure

Liked the features they claimed the BotSink would feature, such as decoy Active Directory, decoy servers that use your VM images, ability to create decoy IoT devices. In reality, many of these features are either buggy, hindered, or flat out do not work.

The assurance that we have another set of eyes that's watching my network 24/7.

Not Much, happy with results.

Incredibly unstable platform. We've worked with Attivo's engineering team for almost a year on consistent issues we've encountered. Buggy code abounds. Attivo has admitted they've had issues with QA in the past. Customers should not be your bug testers.

Highly intense to deploy. BUT, support provides deployment support -- which I strongly recommend so you don't miss anything critical.

Top BOTsink (Legacy) Alternatives

4.9

(352 Ratings)

4.9

(311 Ratings)

4.8

(155 Ratings)

View All Alternatives

Peer Discussions

BOTsink (Legacy) Reviews and Ratings

4.7

(37 Ratings)

Rating Distribution

5 Star: 65%
4 Star: 30%
3 Star: 3%
2 Star: 3%
1 Star: 0%

Customer Experience

Evaluation & Contracting

4.7

Integration & Deployment

4.6

Service & Support

4.6

Product Capabilities

4.7

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

SR. TM
50M-1B USD
IT Services
Review Source
"Attivo Network Threat Deception"
5.0
Nov 22, 2022
It provides extensive attack analysis and adequate visibility into attacker's lateral movement.
Sr. Network And Systems Administrator
50M-1B USD
Manufacturing
Review Source
Rest Assured
5.0
Dec 31, 2021
Amazing product -- how it captures and "sees" unwanted traffic, AND the ability to keep that traffic in it's sandbox is totally amazing!
CyberSecurity Analyst
50M-1B USD
Banking
Review Source
Deception Decoy
5.0
Jun 15, 2021
provides customisation decoys to be implemented as per our environment ,can use web , application OS, IP's as a decoy for the entire network which in turn provides internal sinks for the insider attacker .once the decoy is used/called attivo management will provide the report for the same which can be used to verify any insider/misconfiguration is at the source level.provides extra solution more than a honeypots .
Information Security Engineer
<50M USD
Banking
Review Source
Attivo Deception
5.0
Jun 18, 2021
we have used in these devices past two years in our environments, its helpful un-known threat like lateral movement network scanning internal host machine and try login internal machine to Decoy machines. So good to find out this solution and take further action.
Vice President, IT Infrastructure
50M-1B USD
Miscellaneous
Review Source
The Botsink answers that hardest of security questions. Has a user been compromised.
5.0
Mar 31, 2021
The Attivo Botsink is one of the most unique approaches to security I have encountered. It attempts to answer that hardest of questions - How do you tell if someone is inside your perimeter making lateral movements. It is one of the most powerful security tools I have encountered.

...

Showing Result 1-5 of 37

Recommended Gartner Insights

This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.

BOTsink (Legacy)

Overview

Product Information on BOTsink (Legacy)

What is BOTsink (Legacy)?

BOTsink (Legacy) Pricing

Overall experience with BOTsink (Legacy)

“"Attivo Network Threat Deception"”

“Purchased and am quickly replacing”

About Company

Company Description

Company Details

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: BOTsink (Legacy)

Deciding Factors: BOTsink (Legacy) Vs. Market Average

Performance of BOTsink (Legacy) Across Market Features

BOTsink (Legacy) Likes & Dislikes

Top BOTsink (Legacy) Alternatives

1. The Claroty Platform

2. Nozomi Networks Platform

3. Darktrace / OT

Peer Discussions

BOTsink (Legacy) Reviews and Ratings

4.7

(37 Ratings)

Rating Distribution

Customer Experience

Product Capabilities

"Attivo Network Threat Deception"

Rest Assured

Deception Decoy

Attivo Deception

The Botsink answers that hardest of security questions. Has a user been compromised.

Recommended Gartner Insights

Reviewer Insights for: BOTsink (Legacy)

Deciding Factors: BOTsink (Legacy) Vs. Market Average

Performance of BOTsink (Legacy) Across Market Features

BOTsink (Legacy) Likes & Dislikes