Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology and strategies for combatting targeted attacks

Actionable Forensics for SOAR: An Illusive Networks Integration with Cortex XSOAR

Arguably, defenders have more data and intelligence than ever about impending threats and attacks. According to a recent Ponemon Institute study, the average organization deploys 47 separate security solutions, each providing a dizzying array of alerts and reporting. If an intruder gets in, it should be easy to identify and stop them, right? Surely an alert has gone off somewhere in the system. Of course, it's not so simple.
Read More

The Agentless Advantage in Cybersecurity – Lower IT Burden and Risk

Agent vs. agentless: you’re likely familiar with the debate about which approach is best in today’s ever-changing threat environment. However, when it comes to detection of in-network threats, particularly using endpoint-based distributed deception as a strategy, an agentless approach is significantly more effective and safe. 

  Read More

Deception Platforms Positioned in the Peak of Inflated Expectations on the Gartner Hype Cycle for Security Operations, 2020

We’re excited to share that Gartner’s latest Hype Cycle for Security Operations, 2020 – available here to Gartner subscribers – has positioned Deception Platforms in the Peak of Inflated Expectations on the Hype Cycle. According to the report, “security operations technologies and services defend IT systems from attack through the identification of threats and exposure to vulnerability, enabling effective response and remediation. The innovations included here aim to help security and risk management leaders enhance their strategy.”

Read More

Easier Security Management Across Segmented Networks

Network segmentation—splitting up a network into smaller subnetworks—is a common practice, especially in large organizations. The benefits in segmenting networks include heightened network security, including better privilege management across different departments, isolating a successful attack (or other types of network failures) to a local network, and reduced attack surface, as well as better network performance through reduced congestion (fewer hosts in each subnetwork). Regulatory compliance can be a motivation as well. Additionally, previous mergers and acquisitions often necessitate that networks remain separate.  

Read More

Preventing Attackers From Turning a Cloud Ecosystem Into a Security Nightmare

One topic we’ve written about a lot on this blog is lateral movement, when attackers leverage existing credentials and connections to move from one machine to another within an environment. When you add cloud to the mix, however, there are so many changes - from new attack vectors to methodologies and prioritizations - that the phrase seems incomplete.
 
Read More

Decoys in the Cloud – No Hardware Required

When it comes to threat detection, distributed deception is still the most effective option available for trapping in-network attackers. High-interaction decoys remain valuable, however, mainly for threat hunting, intelligence and research, with the long-term ability to learn an attacker’s methods, targets, tools and techniques. These decoys are live, network-attached operating systems set up to mimic real assets to lure an attacker into full engagement.
Read More

The Rapid Rise of Insider Threats During COVID – and How You Can Stop It Now

What an amazing time to be a hacker – systems weakened, attention drawn elsewhere, targets operating under duress in unfamiliar environments. It’s infuriating that right now, while armies of medical professionals and first responders are risking their lives to save ours, armies of nation-state cyber attackers are working 24/7 shifts to silently plant seeds across the global enterprises that they will return to compromise as the crisis passes.
Read More

4 Ways Coronavirus Will Affect Cybersecurity, and 4 Defense Methods

The COVID-19 coronavirus outbreak remains a volatile risk to global health, and in turn has led to roiled financial markets all over the world. We still don’t exactly know how this epidemic will continue to spread, or how it will ultimately affect the international economy. However, experience with past outbreaks and recessions suggests that attackers will soon be looking to see how they can exploit the uncertainty and hardship of the moment for their own gain. It is worth taking a step back to explore how the cybersecurity landscape might rapidly change over the next few months, and what actions organizations can take to protect themselves now. Read More

Deception Increasingly Seen By Analysts as Indispensable

Cybersecurity continues to rise to the top of the list of concerns for organizations of all sizes, and in particular large enterprises such as banking and financial services companies, healthcare providers, and technology firms. Recently, a senior security leader at a national bank and a customer of Illusive told us that after surviving the 2008 financial crisis, he is confident the bank can withstand another financial crisis, but worries that the risk of a major cyberattack poses an existential threat.

Read More

Defending Active Directory: Here’s How to Paralyze Attackers

Security teams are tasked with protecting an organization’s crown jewels - essential data volumes, intellectual property, financial transactions, or revenue-dependent business operations – from malicious insider or external threats. It’s an evolving and difficult challenge, especially with understaffed SOC teams drowning in false alerts, and ever-increasingly sophisticated attackers using various methods to exploit network vulnerabilities.
Read More