Doron has held executive and management roles in cyber security and software development for over 25 years. He now serves as the CTO for Deception at Fidelis Cybersecurity. Doron founded TopSpin Security...
The goal of cyber deception is to more effectively detect attacks that have infiltrated an organization’s network, to confuse and misdirect the attacker, and to understand what assets have been compromised. Remember, deception defenses can leverage the attackers’ knowledge gap while they try to move laterally within the network. This blog looks at the 5 key components of an active cyber deception defense:
Forensic analyses of successful attacks show that the critical time between infection, the first moments of the attack, and detection is far too great, often measured in months. By the time an organization learns it is under attack, let alone analyzes the breach and assesses the risk, the attacker has likely already made off with valuable assets. Intelligent deception can significantly reduce dwell time by detecting attacker activity inside an organization’s network and producing high-fidelity alerts that defenders can act on with confidence. It should be part of a broader security platform that integrates network traffic analysis and endpoint detection and response capabilities, allowing immediate mitigation on the endpoint as well as on the network and ultimately providing a complete picture of an attacker’s activity.