Deception technology is the cornerstone of a proactive cyber defense. It allows oganizations to mislead, detect, and defeat cyber-attacks, and then quickly return to normal IT operations. Most importantly, deception technologies provide insight into malicious activities that could otherwise evade detection within IT networks.
WHY DO I NEED DECEPTION TECHNOLOGY?
Today’s digital adversaries are more sophisticated and they do significantly more damage to the businesses they impact. Modern cyberattackers also hide deep within digital environments for longer periods of time. This typically gives them plenty of time to study vulnerabilities, and ultimately wreak extreme havoc for unwary organizations. Deception technology is used to lure or divert digital adversaries away from an organization’s real IT assets. It enables you to deploy traps and lures to reshape the network attack surface and confuse cyberattackers. Decoys mimic legitimate elements of your IT environment—such as endpoints, network, cloud—so the intruder believes he is interacting with the real thing. This gives your IT security team the near real-time ability to study an adversary’s behavior and detect, analyze, or defend against zero-day and advanced cyberattacks.
WHAT ARE THE KEY CAPABILITIES OF DECEPTION TECHNOLOGY?
Deception technology must help you identify and block sophisticated digital adversaries before they can damage critical infrastructure and exfiltrate sensitive data.
Your deception platform must:
• Enable you to deceive cybercriminals and lure them into a trap and non-winning environment.
• Keep cybercriminals and other rogue actors off-balance and ineffective at all levels of cyber warfare.
• Improve your ability to detect and track their tactics, techniques, and procedures (TTPs).
• Dynamically change and re-address the cyber terrain from endpoint to cloud.
• Confuse and delay adversaries by providing constantly changing Deception decoys.
FIDELIS DECEPTION TECHNOLOGY IS THE ANSWER
Fidelis Deception enables you to easily reshape the attack surface and lure, detect and defend earlier in the attack lifecycle. With Fidelis Deception, you can automatically deploy traps and lures to slow down, confuse and stop attackers. With Fidelis Deception natively integrated into your XDR platform, SOC teams can shift to a proactive cyber defense and easily find, deceive, and neutralize advanced cyber threats. Fidelis Deception Technology allows you to:
• Create and deploy authentic deception layers automatically.
• Expose your attacker in minutes to protect your organization’s valuable assets.
• Attract and trap cyber adversaries, malicious insiders, and automated malware at the deception layer.
At Fidelis, we believe that if you want a different outcome to the battle, reshape the attack surface and change the game.
PROACTIVE CYBER DEFENSE
Fidelis Deception has been combined with Network Detection and Response (NDR) and Endpoint Detection and Response (EDR) in Fidelis Elevate, an active XDR platform.
Our Active XDR platform brings together three powerful cybersecurity technologies to help organizations change the game to their advantage. Fidelis customers can seamlessly create clones of their subnets and assets that can be populated with fake user accounts and directories, and then lay down breadcrumbs for anyone who is trying to discover the network, and giving warning when an adversary is on the network.
Integrated deception capabilities make it easier to detect, respond, and neutralize cyber-attacks while adding cost and complexity to the attacker—making it harder for them to cause damage. Not only can organizations counter current cyberattacks, but they can learn more about their digital adversaries and prepare for new attacks in the future. Regardless of the tactics or technology adversaries use, Fidelis Deception will always be there to detect adversaries and lead them away from your assets.
Change the Relationship with Your Adversary
In defending your enterprise against adversaries, you have one advantage—you know your cyber terrain better than they do. Deception-based security is a proactive detection technology that allows you to use that knowledge to turn the tables on adversaries and expose data breaches quickly and accurately with minimal extra effort.
Fidelis Deception® helps reduce cyber dwell time by altering the perception of the attack surface. This hinders an adversary’s ability to move laterally undetected. Taking this proactive cyber defense approach makes it harder for adversaries to accomplish their mission and increases the attacker’s risk, giving you more time to understand TTPs, thwart the attack, and prevent future intrusions.
Fidelis Deception
Fidelis Deception® provides full situational awareness, with adaptive terrain analysis, intelligent deception technology, and comprehensive IT visibility so you can change the rules of engagement by re-shaping the attack surface. With authentic, interactive decoys and breadcrumbs on real assets and in Active Directory (AD), you lure cyber attackers, malicious insiders, and malware to the deception layer and catch them before they damage enterprise operations or exfiltrate data
How Deception Works
Deception publicizes decoys with breadcrumbs on real assets, luring attackers, malicious insiders, and automated malware away from valuable assets, and traps them inside the deception layer. Instead of fruitlessly searching for bad actors within dynamically changing environments, you get high-fidelity alerts from decoys, AD credentials, poisoned data, and suspicious traffic that lead you directly to the attacker. While adversaries pursue lures, you can hunt, detect, and defend faster and with greater confidence.
Terrain Analysis
Fidelis Cybersecurity solutions provide accurate and continuous terrain mapping and analysis across the IT landscape to spot the unexpected faster.
• Eliminate blind spots and close security gaps with complete cyber terrain mapping coupled with risk analysis.
• Remove blind spots for unknown assets, including legacy systems and shadow IT.
• Leverage intelligent risk assessments based on protection, activity, importance and more to protect valuable assets.
Intelligent Deception
Automatically create and deploy authentic deception layers that attract sophisticated adversaries.
• Create authentic decoys for: – Hardware: laptops, servers, routers, switches, cameras, printers, enterprise IoT devices, etc.
– Software: OS, applications, ports, services, applications, cloud assets, and similar data
– Active Directory
• Automatically generate traps, breadcrumbs, and poisoned data to dynamically alter the attack surface. • Consume adversary time with high and medium interaction decoys that distract from real assets.
• Learn TTPs and improve asset defense with real-time threat intelligence analysis.
High-Fidelity Alerts
Improve alerting accuracy with decoys that are unknown, obfuscated assets not used by employees.
• Investigate alerts knowing network paths and asset profiles, communications, and decoy interaction for faster time-toresponse.
• Eliminate the false positives that lead to alert fatigue.
Security Visibility
Stop attackers after the breach, and before they reach your valuable assets.
• Lure attackers with breadcrumbs on real assets to decoys to divert and defend.
• Detect lateral movement and adversary’s reconnaissance and activities as they look for valuable data they can steal.
• Improve security posture by learning details of attack paths, resource interests, and initial compromised foothold systems.
• Enable Red Team and Blue Team risk simulations to determine enhanced decoy and breadcrumb placement.
• Seamlessly connect with Fidelis Endpoint and Fidelis Network for broader traffic analysis and DLP.
The First Step in Proactive Cyber Defense
Elevate your defenses and change the game to reclaim the advantage over your adversary. Fidelis Deception makes it difficult and costly for adversaries to succeed while improving SOC team efficiency and effectiveness.
While Deception can be used on its own, unifying it in the Fidelis Elevate platform delivers contextual visibility and rich cyber terrain mapping across the full IT landscape.
These insights enable security teams to continually tune defenses and neutralize threats before they can damage business operations. They also form a foundation of intelligence to keep you ahead of the next attack. Find, stop, and remediate attacks with deception technology used by the DoD, US Intel communities, managed security providers, and Fortune 100 companies.
Source: https://bit.ly/39lPhgV
