Deception technology speeds up detection of attacks
Users of deception technology report a 12X improvement in the average number of days it takes to detect attackers operating within an enterprise network.
New research for Attivo Networks carried out by Enterprise Management Associates suggests attacker dwell times can be as low as 5.5 days with deception in use compared to an average of 78 to 100 days for those not using the technology.
When respondents were asked to rank 12 security tools for detecting insider threats, 30 percent ranked deception technology, tied with next-generation endpoint security, as the most effective tool in detecting insider threats.
“Quantifying the return on investment of security controls can be extremely challenging and is often tied to overall breach metrics that can be heavily debated,” says Carolyn Crandall, chief deception officer and CMO of Attivo Networks. “This survey is particularly interesting in that it quantifies the specific value derived and the sentiment of deception technology users compared to non-users.”
The top five benefits of the technology are cited as faster incident response (13 percent), detection of basic and advanced threats regardless of techniques (12 percent), more actionable alerts (12 percent), intelligence on attacker movement techniques and targets (12 percent), and visibility to attack paths and credential vulnerabilities (12 percent).
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise