July 2019 AST Magazine AST July 2019 Magazine

Collectively, this gives the SOC team www.AmericanSecurityToday.com a thorough understanding of at- tacker capabilities, goals, and mo- tivation – while attackers think that they are escalating the attack. Post compromise, July this allows teams 2019 - Edition 35 to strategically place deception to determine if threats are eradicated and to set additional traps in the event the attacker tries to return. Organizations can then take this in- telligence and use it to build a pre- dictive defense, strengthen their overall security posture, and share with law enforcement and industry peers. On average, an attacker has 100 days in which to discover your sys- tems, harvest data, review files, modify data sets, exfiltration… Anything and everything they need to return. Security teams are also finding tre- mendous value in deception for “si- Deception can promptly detect lent” threat hunting. them if they do. Attivo Networks Deployment 12

July 2019 AST Magazine AST July 2019 Magazine | Page 14