Using Deception for Early and Efficient Threat Detection
- LANGUAGE: English DATE: Wednesday, October 28, 2020 TIME: 3:00pm CET, 10:00am EDT, 7:00pm PDT
Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to remain prone to and the victim of cyberattacks and other security risks.
To combat modern cyber threats, organizations have invested in more and more tools focused on threat detection leveraging big data analytics and user behavior modeling―generating massive waves of alerts, which too often turn out to be false positives. Analysts spend too much time chasing benign behavior and consequently, real attacks are slipping through. Behavioral and activity-based detection solutions powered by machine learning are still probabilistic in nature, requiring cycles of manual effort to truly track down and confirm if a threat is present. More deterministic approaches are required to quickly find and respond to real threats effectively in real-time.
Distributed deception platforms offer an interesting alternative approach. By deploying deceptive network artifacts designed to authentically mimic real resources, e.g. domain credentials, within a data center or cloud environment that hackers seek to find and leverage as a means to facilitate their attack, these solutions fool attackers into engagement―triggering identification of their presence. The use of deception platforms helps organizations detect and contain cyberattacks sooner in the attack process―regardless of established patterns of user activity baselines.
Because these solutions alert only on attacker interactions with a deceptive asset, not mere deviations from a “normal behavior profile”, the high fidelity nature of these alerts helps Incident Response teams take immediate steps to stop the threat armed with detailed forensic intelligence collected in real-time from the attacker’s specific actions.
Join this webinar to discuss:
the challenges of behavior threat detection technologies and how to deal with them
the benefits of a more deterministic approach based on threat deception
improving the efficiency of your existing security operations center
best practices for deploying modern distributed deception solutions
Alexei Balaganski, Lead Analyst at KuppingerCole, will talk about the evolution of threat detection technologies, challenges modern digital enterprises are facing, and approaches to overcome them.
He will be joined by Wolfgang Halbartschlager, Sales Engineer EMEA at Illusive Networks, who will present a deeper technical overview of threat deception technology and will talk about practical issues of adding such solutions to your existing security infrastructure.
Totseret Ha-Arets St. 7 • 6789104 Tel Aviv-Yafo • Israel
Illusive Networks stops cyberattacks by destroying attackers’ ability to make decisions as they move toward their targets. Illusive’s simple, agentless solutions eliminate high-risk pathways to critical systems, detect attackers early, and capture real-time forensics to minimize incident impact so that organizations can function with greater confidence and cyber agility.
Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged access in organizations and companies. To reduce the risk of privileged accounts being hijacked or used fraudulently, and to uphold regulatory compliance, a strong PAM solution is essential. But finding the right PAM solution can be challenging.