Stop the threat of ransomware and APTs
Cybersense Deception detects intrusions into your corporate network early and accurately – preventing data theft, data encryption and extortion attempts.
Early detection
Triggers alerts during the attacker’s reconnaissance phase.
Agentless
No additional software on clients or servers.
Complementary
Independent of existing IT infrastructure.
Non disruptive
Zero impact on existing infrastructure.
Cost control
Can also be used in sub-areas of the corporate network.
No false alerts
Only the intentional use of Breadcrumbs and Decoys triggers alerts.
Cybersense Deception is based on deception and diversion.
Once attackers have breached your corporate network, they pass through the trip wires of our advanced deception technology. Because after an intrusion, criminals only have a few options: They will try to explore your IT (Reconnaissance), spread out (Lateral Movement) and usually also extend their privileges (Privilege Escalation). To do this, attackers need to scan IP networks and query DNS or directory services. This is precisely where Cybersense Deception outsmarts them through deception and diversion by means of Breadcrumbs and Decoys.
Breadcrumbs are fake information or files distributed in your IT environment, such as credentials, tokens, certificates and much more. They are used to divert the attacker to a Decoy.
Decoys are hosts that are indiscernible from your real assets. If attackers interact with a Decoy, Cybersense Deception triggers an alert.
We lure attackers on false trails: away from your servers and data
In other words, we create context-specific Decoys that we distribute in your IT infrastructure to lure attackers on a false trail – diverting them away from your real servers and data. The hackers have no chance to distinguish Breadcrumbs and Decoys from the real targets: Our Decoys are fully functional servers that run independently of your productive network. And Cybersense Deception Management scatters the Breadcrumbs onto your network with no discernible pattern. The deployment itself is carried out via your software distribution.
- Deception
- The result of misleading by a false appearance or trick.
- Ransomware
- Malware that hijacks data. The attacker encrypts the data and demands a ransom for the decryption key.
- APT
- An "Advanced Persistent Threat" is a complex, particularly effective attack on critical system assets.
- On-Prem
- IT infrastructure, which is operated in own data centers.
- Cloud bzw. Cloud Computing
- Mostly internet-based provision of servers, storage space, computer processing capacities or software as a service.
Alert fatigue? Not with Cybersense Deception
Our intrusion detection system is designed to avoid harmful alert fatigue which results from the otherwise typical masses of alerts that have to be processed daily. Cybersense Deception, on the other hand, only triggers an alert when a Breadcrumb or Decoy is used: via email, SMS and by connecting to existing systems (ticket system, SIEM, monitoring) or security fabrics from well-known manufacturers.
Therefore, you can be sure that the manpower required to operate Cybersense Deception is significantly less than with other intrusion detection approaches.
High workload? We offer Managed Services made to measure
You decide where the rare but meaningful Cybersense Deception alerts are sent: to your administrators, to our team, or both. The designated security experts will then analyze the alerts, follow them up and take all necessary measures to mitigate the threat.
Cybersense Professional Service –
Security concepts made to measure
With Cybersense Deception, we support you in rapidly detecting intrusions in your IT infrastructure. But what happens next?
What measures need to be taken to mitigate the threat? What do these measures involve in detail? How are responsibilities designated within our team? At what point are external resources called in and for what purpose?
Contingency plans and playbooks
To best protect your assets from damage following an attack and facilitate an orderly response, we develop contingency plans for you – including escalation chains, responsibilities and if necessary, the integration of third party incident responders. We also create playbooks for targeted incident handling, reported through Cybersense Deception and other tools.
Systematic protection based on IT security concepts
However, contingency plans only help to de-escalate. You lay the foundation for systematic protection of your data, systems and employees with an individual security concept that we create together. We proceed as follows:
-
1
Scope
We define the sector of your company or organization for which the IT security concept will be created.
-
2
Structural analysis
We compile all information, processes and systems that apply to the concept.
-
3
Protection requirements
Depending on how mission critical assets are structured, we then determine their protection requirements, including those of the interfaces.
-
4
Modelling
We define the necessary security measures.
-
5
Security check
We identify and assess the level of security already in place.
-
6
Complementary security analysis
We identify any risks that still remain.
-
7
Security concept
We suggest organizational and technical measures to reduce any remaining risks to an acceptable level.
Do you have any questions? Would you like a demo?
We look forward to hearing from you.
Your contact partner
Sebastian Struwe