Attivo Networks®, an innovator in information security threat detection, today announced that its deception-based Attivo BOTsink® solution works as an integrated solution with the Juniper Networks® SRX Series security portfolio.
TalkTalk announced that it has been the target of a data breach—its third such attack this year. Details are sketchy because the investigation just began and is still ongoing, but in a worst-case scenario it’s possible the attackers have accessed the entire customer database—compromising sensitive data on up to 4 million customers. TalkTalk also revealed that somebody claiming to be responsible for the hack has contacted the company with a ransom demand.
Kelly Jackson Higgins
Oct 1, 2015
A new generation of ‘threat deception’ technology takes the decoydoc to a new, enterprise level.
It’s not technically hacking back, but it’s definitely a more aggressive way to defend your network. A wave of startups and established security firms are offering deception-based security technologies, a sort of next-generation, proactive decoydoc approach for enterprises.
Gartner calls this emerging sector “threat deception,” and predicts that 10% of all enterprises by 2018 will employ some form of deception tools and tactics against attackers. These virtual machine or appliance-based tools basically pose as legitimate members of the network–file servers, routers, switches, database servers, and even Internet of Things devices– typically near critical assets such as a point-of-sale system or a server as another layer of defense. They mimic the real system but also detect, analyze and disrupt an attack from getting to a real target.
Remember hearing the stories of “The Little Boy Who Cried Wolf”? His calls for help created alarm among the townspeople until, ultimately, they got so used to false alarms they started ignoring his cries for attention. Now imagine multiple boys crying “wolf” at the same time. Are some real? Some false? How much time would it take to investigate each of these cries and would the real wolf attack while you were trying to react to every alarm? The magnitude of these cries quickly become an unfathomable nightmare and inevitably just becomes white noise.
Attivo Networks™, an innovator in information security threat detection, today announced it has been named an Affiliate Board Advisor of the Financial Services Information Sharing and Analysis Center (FS-ISAC), a community of financial organizations working together to share cyber and physical threat intelligence and combat cybercrime activities.
Penny Crossman: Sept 14, 2015 Bank Technology News – Gotcha!
That is the goal behind an increasingly popular cybersecurity tactic in financial services that relies on deception to lure hackers into a fake network component, server or database to study their behavior and — ideally — to shut them down.
By Sandra Kuranda * CRN:
As companies continue to get hammered by breaches, a clear gap in the effectiveness of many security portfolios becomes more evident with each attack. However, a new category of emerging security startups say they have the answer and are disrupting the threat detection space with what they call “deception” technology.