Managed Cyber Deception
Active defense and deception of attackers

Managed Cyber Deception
Active defense and deception of attackers

Are you sure you have not been attacked yet?
Deception technology enables the detection of attacks and thus also a quick defense.
So that security managers can sleep soundly again.

What is Cyber Deception?

Deception means that you deceive the hacker, trap him with fake crown jewels in your network and distract him from the real ones. Deception solutions lure the hacker into a minefield; if he steps on a mine, an alarm is triggered and you can react immediately.

The increasing number of successful hacker attacks is forcing companies to explore new avenues in addition to familiar defense mechanisms. For example, by turning the tables and making the attacker the hunted.

Shifting cyber defense strategy to this more active role means knowing your risks, protecting privileged identities and crown jewels, and understanding and influencing the attackers' paths.

Why Cyber Deception:

  • Despite all the protection and detection solutions, the hacker will always find a way to penetrate a network undetected.
  • Cyber Deception, however, makes this much more difficult for the attacker, as he never knows if the systems of interest are actually genuine.
  • The method of sending the attacker away from productive resources, onto a virtual minefield, is the best active defense, according to MITRE.
  • With the right strategy, you lure the attacker to where he can't do any damage, and you detect him at his first mistake.
  • Cyber Deception is largely independent of attack techniques, which is a significant advantage over a SIEM, EDR or NDR solution.

Scope of our Managed Cyber Deception service:

  • Workshop with subsequent concept development
  • Installation and commissioning of the solution
  • Ongoing operation and tuning of the solution

Your benefit:

  • Cyber Deception is an important complement to existing detection solutions such as EDR, NDR or SIEM.
  • Early threat detection: You detect the hacker at his first misstep. In other words, they turn the tables and take the attacker by surprise.
  • Deception and analysis of the attacker: With Cyber Deception you steer the attacker in the desired direction and can observe him at your leisure and derive further steps for your defense.
  • You can start a Deception project small (continue to build at your leisure) and enjoy greatly enhanced protection from the start.

Integration into the SOC:

  • terreActive handles the integration of the Cyber Deception solution into your existing SIEM.
  • Incident Response: should the Deception solution detect an incident, terreActive provides complementary SOC services to respond.
  • Cyber Deception can reduce the number of false alarms in your SOC.

Honeypots?

In the past, people used deception tools like honeypots. However, these are reactive, static techniques that quickly become obsolete. They are also easily detected by professional hackers, and field tests have shown that honeypots are much more likely to cause false alarms, leading to alert fatigue in security engines.