Six benefits of initiating a deception strategy for IT security teams
Faced with an ever-increasing range of sophisticated cyber threats and evolving attack surfaces, IT security teams are adopting a new line of defense: deception. They recognise that, despite there being a range of security tools and services in place, cybercriminals are still managing to bypass them and gain entry to infrastructures. Clearly, a new approach is required. That new approach is based on cyber deception.
Deception puts increased power into the hands of security teams by comprehensively protecting against attacks from both external parties and malicious insiders, accurately notifying that something is wrong, and by delivering detailed threat intelligence for prompt remediation.
Advanced teams can go so far as misdirecting attacker actions and altering feeds to attackers automated tools in order to confuse the adversary and the derail attack.
A deception strategy involves deploying decoys, lures, and bait such as fakes systems, applications, file stores, and credentials within a corporate IT infrastructure that actually have nothing to do with day-to-day activity but appear as if they do.
Because staff have no reason to access these resources, any time there is engagement, it is highly likely that the activity is a cyberattack or at a minimum a policy violation that needs investigation.
Read the complete article by Attivo Networks A/NZ regional director Jim Cook.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise