INTELLIGENT BRANDS // Enterprise Security
POWERED BY
USING HIGH-
INTERACTION
DECOYS AND
LURES, DECEPTION
SOLUTIONS
EFFECTIVELY
DECEIVE
ATTACKERS
INTO REVEALING
THEMSELVES,
THEREBY CLOSING
THE ‘DETECTION
DEFICIT’.
Anton Jacobsz, Managing Director,
Networks Unlimited
revealing themselves, thereby closing the
‘detection deficit’. With early visibility
into threats and the evidence-based alerts
required to accelerate incident response,
deception technologies are rapidly becoming
the solution of choice for organisations
looking to implement an active defence
strategy and accelerate incident response.
As a result of the effectiveness of advanced
deception technology, organisations across
all major industries in North America,
including retail, energy and healthcare, are
aggressively adopting these solutions. FBR
Capital Markets forecasts that the deception
technology market as a detection security
control will grow to US$3 billion by 2019,
three times its size in 2016.
Jacobsz said: “The ThreatDefend
Deception and Response Platform from
Attivo Networks is designed to make the
entire network a trap and to force the
attacker to have to be right 100% of the
time or risk being discovered. The solution
is based on six pillars, which include
visibility, real-time detection, malware
and phishing analysis, forensic reporting,
incident handling and response.”
72
INTELLIGENTCIO
DURING THE PAST
FEW YEARS, THE
PACE AND INTENSITY
OF MALWARE,
RANSOMWARE
AND PHISHING
ATTACKS FROM
THOSE LOOKING TO
STEAL INFORMATION
HAVE INCREASED
SIGNIFICANTLY.
The solution combines distributed, high
interaction deception decoys and lures
designed to provide early visibility into in-
network threats, efficient continuous threat
management and accelerated incident
response. The platform provides a ‘hall of
mirrors’ environment that is baited with lures
and traps, while making deception decoys
completely indistinguishable from company
assets. The decoys attract and detect
attackers in real-time, actively engaging with
them so that their movements and actions
can be safely analysed and evidence-based
alerts raised.
“Deception technology is now coming into
its own. Early adopters of intrusion detection
technology faced challenges with accurate
detection, because these solutions were either
based on known signatures, attempting to
pattern match or looking for anomalous
behaviour. In the early days, the results were
unreliable and generated high volumes of logs
and false positives. With limitations such as
staffing and time constraints, many of these
alerts were simply ignored, and attackers then
took advantage of inefficiency, sometimes
going undetected for an average of 20 plus
days. Today, however, advanced deception
technology is a force to be reckoned with
in the cybersecurity field. You could think of
it as the ‘smoke and mirrors’ arm of your
cybersecurity arsenal, ultimately using the art
of deception in the on-going fight against
those who aim to hold others to ransom,”
Jacobsz said. n
www.intelligentcio.com