AST September 2018 'ASTORS' Showcase Edition Sep 2018 Final (9.18.18) | Page 37
Volume 27, September 2018 Edition
offense into the realm of cybersecurity with the ability to deceive and misdirect an attacker into revealing themselves.
All, without false positive alert fatigue and the burden of operational overhead associated with traditional detection methods.
Given its efficacy in detection and ability to gather intelligence to defuse the attacker, deception is rapidly becoming a de facto security control for closing the detection gap and for being able to reliably answer the question of whether there are threats inside the network.
Attackers exploit infected endpoints to extract credentials and the location of the assets that they want to target.
What’s Different with Deception?
The challenge with current detection solutions is that they are reliant on signatures, pattern matching, or behavioral anomaly detection and as such, are limited in efficacy or take time to “get good.”
The learning and tuning process inherently produces false positive noise that will drain resources and create alert fatigue.
A new approach is needed, one that is accurate and actionable.
This new approach is deception, which delivers accurate, early detection, evidence-based alerts, and an effective solution for reducing the mean time to remediation.
(See a brief introduction to deception technology and the Attivo Networks ThreatDefend Deception and Response Platform.)