While last year we touched on a few deception network tools in this space, this year we've gone back to see what new players have popped up and to consider the improvements and innovation within the segment.
If you are not familiar with deception tools, they are used to create decoy assets on your network. Your end users have no business reason to interact with the decoys, so anyone who does has malicious intent. Most tools take things further, placing “breadcrumbs” on other assets to make the decoys appear real and more attractive to probe.
The companies whose products are reviewed here take pride in their technology, and most invite red teams to conduct exercises inside networks with their deception tools deployed. Even though some teams know that deception is deployed, they still struggle to differentiate between what is real and what is planted.
When attackers follow breadcrumbs leading to decoys of clients, servers, and even IoT devices, they spend more time in your network, allowing you to observe intruder behavior, properly contain the threat, and remediate the gaps in your security plan to prevent future intrusions.
Each provider takes a different approach to deception, from the hardware- or software-based solutions offered to the types of deceptions deployed. These technologies create enough hassle to throw off even the most seasoned red teamer.
While this is still an emerging space and the tools are evolving rapidly, we are starting to see a trend toward companies planning future budgets around these tools to increase their ability to detect threats and respond quickly to remediate. SC Labs has monitored, and continues to monitor, the evolution of the toolset in this area. As IoT continues to play a larger role in the enterprise, the threat landscape will evolve further, making deceptions even more important.
So, the big question remains – are deception network tools on your radar for 2018 or are you planning to wait for them to become more mainstream?
Please check below for all the Emerging Product reviews for August.
Acalvio Technologies ShadowPlex
Attivo Networks ThreatDefend Detection and Response Platform
CounterCraft Cyber Deception Platform
Fidelis Cybersecurity Fidelis Deception
TrapX Security DeceptionGrid