Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology and strategies for combatting targeted attacks

Easier Security Management Across Segmented Networks

Network segmentation—splitting up a network into smaller subnetworks—is a common practice, especially in large organizations. The benefits in segmenting networks include heightened network security, including better privilege management across different departments, isolating a successful attack (or other types of network failures) to a local network, and reduced attack surface, as well as better network performance through reduced congestion (fewer hosts in each subnetwork). Regulatory compliance can be a motivation as well. Additionally, previous mergers and acquisitions often necessitate that networks remain separate.  

Read More

Preventing Attackers From Turning a Cloud Ecosystem Into a Security Nightmare

One topic we’ve written about a lot on this blog is lateral movement, when attackers leverage existing credentials and connections to move from one machine to another within an environment. When you add cloud to the mix, however, there are so many changes - from new attack vectors to methodologies and prioritizations - that the phrase seems incomplete.
 
Read More

A Deception Technologist’s View of Cloud Security

As I sat down to write this post, I couldn’t help amusing myself with yet another corny “cloud” analogy: The potential for lateral movement between different parts of the extended corporate ecosystem is a bit like all the different types of lightening there are. If, besides being a tech geek, you are also a weather geek, you can read about lighting here. Among other things, this site explains that “Anvil Crawlers are horizontal tree-like, in-cloud lightning discharges whose leader propagation is slow enough… that a human observer… can see its rapid motion across the sky.” Where cloud security is concerned, Illusive’s aim is to make malicious lateral movement to, from, and between clouds slow and visible to the human eye—so that security teams can stop cyberattacks before a successful strike. Read More

A Look at Cybersecurity Vulnerabilities in the Cloud

Based on a recent survey of over 1000 IT professionals from Evolve IP, half of all IT leaders and administrators, believe that the public cloud is less secure than on-premise hosting. Read More