5 Ways to Fight Back Against Cybersecurity Attacks: The Power of Active Defense
As I pointed out in my previous story, “How Deception Technology Can Give Defense the Upper Hand in Cybersecurity,” deception-based cybersecurity systems allow defenders to play a much more proactive role when an attack is detected.
In this story, I’ll examine how an active defense strategy can be used to slow down, gather intelligence on, and ultimately outmaneuver an attacker. (For an in-depth explanation of deception-based cybersecurity technology, see “Active Defense: How Deception Has Changed Cybersecurity” on Early Adopter Research.)
But before we proceed, one key note of caution. Active defense is not about attacking adversaries. It is about detecting and derailing attacks early, gathering the intelligence needed to understand the attack, and stopping and preventing similar occurrences in the future.
Here’s what a company that employs an active defense faces when attacked:
- The company uses a deception-based cybersecurity system to put decoy data and attack points all over its IT landscape.
- An attacker gains access inside the perimeter of the network and is lured into accessing one of the decoys or the deception bait.
- At this point, an alert is raised and security analysts can make a choice: Shut down the attack or contain the attack within the deception environment and observe what the attacker does next through forensic analysis.
If the security analyst decides to go down the forensic analysis path, here are five ways to fight back.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise