Stop the threat of ransomware and APTs

Cybersense Deception detects intrusions into your corporate network early and accurately – preventing data theft, data encryption and extortion attempts.

Early detection

Triggers alerts during the attacker’s reconnaissance phase.


No additional software on clients or servers.


Independent of existing IT infrastructure.

Non disruptive

Zero impact on existing infrastructure.

Cost control

Can also be used in sub-areas of the corporate network.

No false alerts

Only the intentional use of Breadcrumbs and Decoys triggers alerts.

Cybersense Deception is based on deception and diversion.

Once attackers have breached your corporate network, they pass through the trip wires of our advanced deception technology. Because after an intrusion, criminals only have a few options: They will try to explore your IT (Reconnaissance), spread out (Lateral Movement) and usually also extend their privileges (Privilege Escalation). To do this, attackers need to scan IP networks and query DNS or directory services. This is precisely where Cybersense Deception outsmarts them through deception and diversion by means of Breadcrumbs and Decoys.


Breadcrumbs are fake information or files distributed in your IT environment, such as credentials, tokens, certificates and much more. They are used to divert the attacker to a Decoy.


Decoys are hosts that are indiscernible from your real assets. If attackers interact with a Decoy, Cybersense Deception triggers an alert.

We lure attackers on false trails: away from your servers and data

In other words, we create context-specific Decoys that we distribute in your IT infrastructure to lure attackers on a false trail – diverting them away from your real servers and data. The hackers have no chance to distinguish Breadcrumbs and Decoys from the real targets: Our Decoys are fully functional servers that run independently of your productive network. And Cybersense Deception Management scatters the Breadcrumbs onto your network with no discernible pattern. The deployment itself is carried out via your software distribution.

The result of misleading by a false appearance or trick.
Malware that hijacks data. The attacker encrypts the data and demands a ransom for the decryption key.
An "Advanced Persistent Threat" is a complex, particularly effective attack on critical system assets.
IT infrastructure, which is operated in own data centers.
Cloud bzw. Cloud Computing
Mostly internet-based provision of servers, storage space, computer processing capacities or software as a service.

Alert fatigue? Not with Cybersense Deception

Our intrusion detection system is designed to avoid harmful alert fatigue which results from the otherwise typical masses of alerts that have to be processed daily. Cybersense Deception, on the other hand, only triggers an alert when a Breadcrumb or Decoy is used: via email, SMS and by connecting to existing systems (ticket system, SIEM, monitoring) or security fabrics from well-known manufacturers.

Therefore, you can be sure that the manpower required to operate Cybersense Deception is significantly less than with other intrusion detection approaches.

High workload? We offer Managed Services made to measure

You decide where the rare but meaningful Cybersense Deception alerts are sent: to your administrators, to our team, or both. The designated security experts will then analyze the alerts, follow them up and take all necessary measures to mitigate the threat.

Cybersense Professional Service –
Security concepts made to measure

With Cybersense Deception, we support you in rapidly detecting intrusions in your IT infrastructure. But what happens next?

What measures need to be taken to mitigate the threat? What do these measures involve in detail? How are responsibilities designated within our team? At what point are external resources called in and for what purpose?

Contingency plans and playbooks

To best protect your assets from damage following an attack and facilitate an orderly response, we develop contingency plans for you – including escalation chains, responsibilities and if necessary, the integration of third party incident responders. We also create playbooks for targeted incident handling, reported through Cybersense Deception and other tools.

Systematic protection based on IT security concepts

However, contingency plans only help to de-escalate. You lay the foundation for systematic protection of your data, systems and employees with an individual security concept that we create together. We proceed as follows:

  • 1

    We define the sector of your company or organization for which the IT security concept will be created.

  • 2
    Structural analysis

    We compile all information, processes and systems that apply to the concept.

  • 3
    Protection requirements

    Depending on how mission critical assets are structured, we then determine their protection requirements, including those of the interfaces.

  • 4

    We define the necessary security measures.

  • 5
    Security check

    We identify and assess the level of security already in place.

  • 6
    Complementary security analysis

    We identify any risks that still remain.

  • 7
    Security concept

    We suggest organizational and technical measures to reduce any remaining risks to an acceptable level.

Do you have any questions? Would you like a demo?
We look forward to hearing from you.

Your contact partner
Sebastian Struwe

Contact us now