Page 20 - Cyber Warnings
What else should a person evaluating deception know?
Common Misconceptions
Deception is only for outside the network – The focus and value of a deception solution
lie in detecting inside-the-network threats.
Deception is easy to detect – Deception that runs real operating systems, allows
customized images and services, and uses dynamic deception lures will appear
indistinguishable to an attacker.
Deception is hard to install – Installation and activation of the detection solution occurs in
less than 30 minutes.
Deception requires more staff to operate – Alerts are based on actual engagement (zero
false positives) with the server and have substantiated forensics to make each alert
actionable. The environment also auto-rebuilds after each attack. Additional staff is not
required to operate the platform given the high-quality alerts, depth of reporting, and
third-party SIEM and prevention system integrations.
Isn’t deception just a honeypot? – At the most fundamental level, there is some
commonality. They are both designed to confuse, misdirect, and delay the enemy by
incorporating ambiguity and misdirecting their operations. Beyond that, however, the
technologies are quite different. More information can be found at this blog, which
explores the origins of honeypots and explains why comparing a honeypot to a
deception platform is like comparing a horse and buggy to a Tesla.
I would encourage anyone interested in purchasing a deception platform to get a demo so that
you can see the full functionality and user interface of the solution. I hope that you find this
overview and checklist useful and welcome additional thoughts on ideas for evaluating
deception platforms and their functionality.
About the Author
Carolyn has over 25 years of experience in high tech marketing and sales
management. At Attivo Networks she is the Chief Marketing Officer
responsible for overall marketing strategy, building company awareness,
and creating customer demand through education programs and
technology partnerships.
She has built leading brand strategy and awareness, high-impact demand
generation programs and strong partnerships for some of the industry’s fastest-growing
high-tech companies including Cisco Systems, Juniper Networks, Riverbed, Nimble Storage, and
Maxta.
20 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide