Threat intelligence for the enterprise

Deception Threat Defense

Deploy Decoys, Breadcrumps, Baits and Lures. Entrap the intruder.

Deception Threat Defense

No matter what solutions are deployed, the intruder edges a step ahead to find a way to breach the defense systems in an enterprise, often times with great success. As such organizations find themselves wanting to deploy more robust solutions to strengthen their security posture. Deception Threat Defense is one such that has gained momentum to bring value to enterprise security.

Why is this solution relevant and important to an enterprise?

Most mature enterprise security environments have implemented a  SIEM | SOC for monitoring various activities and to receive real time alerts on malicious activities. While it is a good beginning, in order to counter the level of sophistication hackers deploy these tools are  not sufficient enough.

Disruptive Deception technologies  can mimic your organisation and it will appear to an unsuspecting intruder to be real and live assets – any activity on such decoys will trigger a true positive alert  enabling security professionals to take corrective action instantaneously. Nextgen Deception technologies integrate with pre-existing technologies bringing in added visibility into the internal networks and open up high probability alerts and threat intelligence in the enterprise security roll out.

Ponemon Institute recently found that the average time required to detect a breach was 191 days and the average time required to contain a breach was 66 days – if this is considered, a lot could be at risk at an enterprise despite the best known defenses installed. This lays emphasis on the need for solutions which would provide early leads to what activities are at play.

What benefits will the enterprise derive by implementing the solution?

Deception Threat Defense provides enterprises a unique advantage against intruders which typically other security solutions fail to extend – very early and accurate visibility to malicious activities by deploying decoys to trap intruders as they begin exploring the premise post a breach has occurred. Intruders, once access is gained, look out  to find their ideal target, this is where decoys come in handy, as an intruder connects to a decoy – the deception solution can immediately sense the activity and alert the systems to take corrective actions  immediately.  Any alerts from a  good deception solution could be regarded as a true positive and investigation  begun.  Typically, security systems generate a lot of alerts often resulting in high false positives to wade through. The security professionals in large organizations struggle to get visibility so that they can take a corrective action; what is needed here is timely – select information, which matured best-of-breed deception technologies provide. In a way, once an intruders is spotted using the deception technology, security professionals have the option to watch as the act unfolds, gather about the nature of attack and learn how these acts will spread in the network – this will help to eliminate the attack with much ease.

Who does Cyberton represent to provision this technology?

Cyberton represents Acalvio Technologies – the nextgen Deception Threat Defense to address the enterprise needs. Acalvio has received 25 issued patents; and 15 more pending and are backed by Google V/Accel Partners | Splunk | Sumitomo | Honeywell and others.

Acalvio provides Advanced Threat Defense (ATD) solutions to detect, engage and respond to malicious activity inside the perimeter. The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management. Acalvio enriches its threat intelligence by data obtained from internal and partner ecosystems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation.