Posted by Anton Jacobsz | 9 February 2018
Deception is usually frowned on by most societies and can carry negative connotations. But can deception ever be a positive? Cybersecurity company Attivo Networks believes that it certainly can be.
Anton Jacobsz, managing director at Networks Unlimited, an African value-added technology distributor of Attivo Networks, says, “Companies are recognising more and more that a new approach is needed in today’s cybersecurity defence strategies. During the past few years, the pace and intensity of malware, ransomware and phishing attacks from those looking to steal information have increased significantly. Our vendor partner, Attivo Networks, offers another, completely different layer of protection in the form of ‘deception technology’. It’s an excellent and complementary addition to any company’s layers of cyber protection strategies.”
Advanced deception technology platforms offer the capability to exercise deception-based detection throughout every layer of the network stack, enabling efficient exposure for every threat vector. Using high-interaction decoys and lures, deception solutions effectively deceive attackers into revealing themselves, thereby closing the ‘detection deficit’. With early visibility into threats and the evidence-based alerts required to accelerate incident response, deception technologies are rapidly becoming the solution of choice for organisations looking to implement an active defence strategy.
As a result of the effectiveness of advanced deception technology, organisations across all major industries in North America, including retail, energy, and healthcare, are aggressively adopting these solutions. FBR Capital Markets forecasts that the deception technology market as a detection security control will grow to US$3 billion by 2019, three times its size in 2016.
Jacobsz clarifies, “The ThreatDefend Deception and Response Platform from Attivo Networks is designed to make the entire network a trap and to force the attacker to have to be right 100 percent of the time or risk being discovered. The solution is based on six pillars, which include visibility, real-time detection, malware and phishing analysis, forensic reporting, incident handling, and response.”
The solution combines distributed, high-interaction deception decoys and lures designed to provide early visibility into in-network threats, efficient continuous threat management, and accelerated incident response. The platform provides a ‘hall of mirrors’ environment that is baited with lures and traps, while making deception decoys completely indistinguishable from company assets. The decoys attract and detect attackers in real time, actively engaging with them so that their movements and actions can be safely analysed, and evidence-based alerts raised.
“Deception technology is now coming into its own. Early adopters of intrusion detection technology faced challenges with accurate detection, because these solutions were either based on known signatures, attempting to pattern match, or looking for anomalous behaviour. In the early days, the results were unreliable and generated high volumes of logs and false positives. With limitations such as staffing and time constraints, many of these alerts were simply ignored, and attackers then took advantage of inefficiency, sometimes going undetected for an average of 200+ days. Today, however, advanced deception technology is a force to be reckoned with in the cybersecurity field. You could think of it as the ‘smoke and mirrors’ arm of your cybersecurity arsenal, ultimately using the art of deception in the ongoing fight against those who aim to hold others to ransom,” Jacobsz concludes.
For more information, please contact Duncan Moodley, product manager: Attivo Networks at Networks Unlimited, at firstname.lastname@example.org.
About Networks Unlimited
Networks Unlimited is a value-added distributor, offering the best and latest solutions within the converged technology, data centre, networking, and security landscapes. The company distributes best-of-breed products, including Arbor Networks, Attivo Networks, Fortinet, F5, Hypergrid, Mellanox, ProLabs, Rackmount, RSA, Rubrik, PhishMe, Silver Peak and Tintri. The product portfolio provides solutions from the edge to the data centre, and addresses key areas such as cloud networking and integration, WAN optimisation, application performance management, application delivery networking, Wi-Fi-, mobile- and networking security, load balancing, data centre in-a-box, and storage for virtual machines.
Since its formation in 1994, Networks Unlimited has continually adapted to today's progressively competitive and evolving marketplace, and has reaped the benefits by being a leading value-added distributor (VAD) within the Sub-Saharan Africa market.
Networks Unlimited complies with the South African Broad-Based Black Economic Empowerment (B-BBEE) guidelines as a Level 4 Contributor.
• Anton Jacobsz is MD, Networks Unlimited