with Automatic Response
Capabilities
www.AmericanSecurityToday.com July 2020 - Edition 46
Reducing dwell time — the
amount of time between when
intruders enter the network and
when the organization detects
them — limits the potential damage
an attacker can cause.
Because they don’t have a way to
engage the adversary, they can
only gather limited information
about the attacker.
InfoSec teams must then conduct
manual investigations to gain
actionable adversary intelligence
and correlate attack data
for triage.
Unfortunately, most of today’s detection
tools will simply alert on
a live attack.
These investigations take time,
as those involved will need to research
various logs and tools
https://www.youtube.com/watch?v=1BghQec2vYw
(See a brief introduction to deception technology and the Attivo Networks ThreatDefend
Deception and Response Platform. Courtesy of Attivo Networks and YouTube.)
28