Deception Technology

Image result for deception technology

As technologies are advancing and it is said that data is new currency of the 21st century and so on.so to secure this currency the need of secure network which can has capacity or the ability  of early warning and defending the zero day attack is way more important.so this is where deception technology comes in a picture and following are the reason and views or the advice about deception technology

"According to Sun Tzu, if an enemy has an incorrect view of the battlefield, they can be manipulated into manageable situations," said Rick Moy, CMO of Acalvio. "This also applies in cybersecurity. If an attacker is spending time and energy breaking into a faux server, the defender is not only protecting valuable assets, but also learning about [the attacker's] objectives, tools, tactics and procedures."
That one example lays out the basic premise behind deception tools and technologies. It follows Sun Tzu's advice: "When your enemy seeks an advantage, lure him further."
"The idea is to mask real high-value assets in a sea of fake attack surfaces," said Ori Bach, VP of products and marketing at TrapX Security. "By doing so, attackers are disoriented."

what is Deception Technology?


Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze, and defend against zero-day and advanced attacks, often in real time. They are automated, accurate, and provide insight into malicious activity within internal networks which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.

How Deception technology  works?


Gartner analyst Lawrence Pingree laid out the technology in detail in a report titled, "Emerging Technology Analysis: Deception Techniques and Technologies Create Security Technology Business Opportunities."

"Distributed deception platforms (DDP) are solutions that create faked systems (often real operating systems, but used as sacrificial machines), lures (such as fake drive maps and browser histories) and honey tokens (fake credentials) on real end-user systems to entice and mislead the attacker to faked assets in order to enhance detection and to delay their actions as they attack those decoy assets," wrote Pingree.
Core functions of such systems, he added, include: Centralized management of real-user endpoint lures and decoy endpoint hosts (servers and workstation hosts); the ability to manage deceptive services, web applications and other network integration capabilities of decoys; the ability to administer endpoint lures and honey tokens to entice the attacker; and the ability to administer and distribute deceptive data (Word documents, database tables/entries and files) in decoy host deceptions.
Question remains how well you map or plot your deceiving route for deceiving?


References:
  • https://www.esecurityplanet.com/network-security/deception-technology.html
  • http://trapx.com/wp-content/uploads/2018/03/Gartner-Reprint.pdf 

Comments

  1. VisionNovember 4, 2018 at 7:32 AM

    Would recommend everyone to read.

    ReplyDelete
  2. AnonymousNovember 4, 2018 at 8:57 AM

    The article lacks depth in the sense implementation of the technique. Also information about how deception relates to techniques like honeypots could've made the article more complete.
    Otherwise a good collection of information for beginners to the topic.

    ReplyDelete
    Replies
    1. Lax17sarkiNovember 4, 2018 at 9:32 AM

      yeah @BooBoo i was thinking of coming up with new blog where i differentiate between honeypots and deception(or else how honeypots are created in deception ) and even vendors who use this technology.
      I appreciate your honesty and suggestion i will definitely come up with in depth implementation technique won't let you down.
      thanks a lot and means a lot people like always force to push forward in life .

      Delete

Post a Comment

Popular posts from this blog

Data Preprocessing for Machine learning in Python

Image
Data Preprocessing for Machine Learning in Python Data Preprocessing is a technique that is used to convert the raw data into a clean data set.  In simple words, pre-processing refers to the transformations applied to your data before feeding it to the algorithm.   Need of Data Preprocessing             QUALITY DATA : ( Low Quality of data  gives  Low Quality of mining  results                                 -  Quality decisions must be based on quality data       e.g., duplicate  or missing data may cause incorrect or even misleading statistics . Tasks of Data Preprocessing Different steps are involved for Data Preprocessing. These steps are described below - Data Cleaning This is the first step which is implemented in Data Preprocessing. In this step, the primary focus is on handling missing data, noisy data, detection, and removal of outliers, minimizing duplication and computed biases within the data. Data Integration This process is u
Read more