By understanding users and roles, this advanced technology automatically tailors deceptions to each specific node and user.
We knew that there were extremely sophisticated attacks hurting some of the largest organizations in the world.
I spent many years working at Check Point.
A few years ago, I was tapped by Team8 to address this issue.
After months of brainstorming and research, we came to the conclusion that an entirely new methodology was needed.
Furthermore, using legitimate credentials, these attackers often evade detection through traditional means.
So we asked ourselves, is there a paradigm where we could put the attacker in a reactive position?
That is the premise on which our deception technology is based.
Put simply, what exactly is deception technology?
The power of the illusive product is really activated only after the attacker has penetrated the web connection.
Once they are in and moving laterally, that’s when we come into play.
To answer your question, one must first understand the nature of a targeted attack.
Let’s say a bank is being attacked via a phishing campaign.
An employee has downloaded a malicious PDF and the attacker is now inside the web connection.
The attacker has a well-defined objective to get to a specific set of data or systems.
This is very complex and can take an attacker several months to figure out.
Naturally, this process involves a significant amount of trial and error.
Our deceptions magnify this challenge for the attacker.
We infuse the environment with fake information alongside the real information to alter the attacker's view of reality.
At the heart of our solution is our artificial intelligence-driven Deception Management System (DMS).
Throughout the design process, we have prioritized creating a product that remains transparent to end-users.
Who is your typical client?
We have dozens of leading companies around the world as our clients.
How do you handle false positives?
How do you catch attackers in real-time?
The first stage is to set up deceptions to enable detection.
Once operational, illusive can tell if there’s an attacker inside the internet.
Once caught, we don't just say ‘you have an attacker’.
We give analysts the ability to then monitor their movement and tactics.
Illusive knows how far the attacker is from critical assets.
There is an art of deception.