Classify all networks and assets, communication paths, and network activity to profile your users, services, and systems. Gain visibility of servers, workstations, enterprise IoT devices, legacy systems and shadow-IT, and ensure an always-current profile as changes occur within your environment to automatically adapt deception layers.
Deception uses accurate information to auto-generate decoys for deception layers. Decoys have profiles, services and regular activity matching the environment, plus recommended breadcrumbs for placement on nearby real assets to act as lures to decoys. Configuration options are available to customize deception layers by adding real OS VM decoys, golden image OS VM decoys of customer choice, desired manual edits to IT asset and services decoys and much more.
Easily configure breadcrumbs on real assets and in Active Directory to lure cyber attackers, malicious insiders and automated malware to the deception layer. Breadcrumb options include files, documents, email, system resources and more.
Cyber deception defenses provide a proactive opportunity to lure, detect and defend early within post-breach compromise incidents. Alerts come from deception layers unknown to users resulting in low-risk alerts via emulation with high fidelity and no false positives. The result is a low friction, low risk accurate alarm system to detect post-breach attacks. For more mature security operations, receive high value alerts from real OS VM decoys or golden image OS VM decoys to learn attack TTPs, analyze and sandbox file uploads, and improve defenses.