CSO Online, August 18, 2015, Tangible Security’s Allen Harper discussed with CSO Online how the enterprise can employ deception technologies to both significantly increase attacker costs as well as to detect them and their malicious code that would otherwise elude detection.
Attackers routinely alter their attack payloads to elude enterprise signature-based defenses. Consequently, attackers take minutes or hours to penetrate an enterprise whereas the enterprise typically takes days or weeks or even months to detect the attackers.
Allen explained how deception technologies alter this paradigm in three ways. 1) Attackers reveal themselves by interacting with virtual nodes that legitimate users do not. 2) Fake nodes attract attackers’ attention, who then waste considerable time on them, increasing their attack costs substantially. 3) Fake nodes capture copies of the attackers’ most valuable attack payloads. The latter reveals valuable threat intelligence information about the attackers, their methods and tactics, and sometimes their goals.
Written by David Geer for CSO Online Original article
- Tangible Labs
- Contact Us