Hunting the Attackers, not the Attacks

Active Defense

Deception Technology

Post-Breach Defense Detection Based on Deception

The newest generation of remotely controlled network attacks is challenging the effectiveness of traditional detection and prevention tools, making prevention-based approaches less effective. It is only a matter of time before determined cybercriminals penetrate your corporate network and systems. This paradigm shift dictates that organizations change their information risk management strategies from prevention-based to post-breach detection security approaches, if they are to maintain and safeguard their cybersecurity posture.

Prevent threat-actors who have managed to infiltrate your network from moving unimpeded for months, stealing data and intellectual property.

In a Nutshell

What is Active Defense

Lay traps to catch attackers in the event of a breach

Lure and deceive attackers into revealing information about themselves

Buy valuable time by delaying and misdirecting attackers in your network

How it Works

What it does

Defense “Decoys and Beacon Traps” are designed to detect reconnaissance and malware-related activity, as well as access to and/or use of planned fake information, which may include user access credentials, database connections and network shares. This fake information deceives cybercriminals into thinking they have discovered a way to escalate their privileges, perform lateral movement, and/or access sensitive information/data towards achieving their goals.

If threat-actors attempt any probing or access any fake information, ClearSkies™ Active Defense triggers an alert notification and delivers attack-vector information to ClearSkies™ Cloud SIEM for further analysis before an incident is escalated. Attack-vector information provides you with valuable intelligence as to how cybercriminals interact with assets, including their methods, purpose and source.

By occupying cybercriminals for as long as possible with decoys and traps, organizations can delay them from achieving their real purpose, thus gaining valuable time to take necessary defensive actions.

Benefits

What you get

Active Defense both complements and capitalizes on the early detection and response capabilities of your SIEM.

Post-Breach Detection

Minimizes the time between the initiation of an attack and its detection.

Decrease attacker dwell time

Drastically reduces the time a successful attacker spends scouting unnoticed within the corporate network and systems.

Comprehensive visibility

Provides comprehensive visibility of the attacker’s intentions in your corporate network.

Reduced False Positives

Focuses on real threats, thus accelerating your organization’s response and overall cyber defense capability, effectively improving your security posture.

Intelligence Gathering

Helps you gather valuable intelligence and forensic information about an attack, including methods used, purpose and source, which can be used both to improve your network and system defenses and to construct and support relevant legal cases against the attacker.

Regulatory compliance

Helps you obtain evidence to meet regulatory compliance requirements.

Scalable

Can be easily scaled at any given time, depending on organizational needs and/or on the information-threat activity level.

No risk

Poses no risk whatsoever to data exchanged/stored and has no impact on the availability/integrity of resources.

Features

What’s under the hood

Automate incident escalation so your security personnel can be informed while the attack is still taking place.

Receive incident notifications via email, SMS and/or push notification on smartphones and tablets with ClearSkies™ Mobile App (for iOS and Android) installed. For more detailed information related to incident escalation, refer to the ClearSkies™ Secure Web Portal (SWP) “Event Management” ServiceModule.

Deploy and manage ClearSkies™ Active Defense by your own Security Operations Center (SOC) or by Odyssey’s 24/7 Managed Security/Detection & Response (MDR) Services.

Products

Empower your Active Defense effectiveness with…

Endpoint

Detect & Respond to Malware & Insider Threats Before it is too Late.

Identity & Access

Stay on top of your user base.

Get the Datasheet

ClearSkies™ Active Defense both complements and capitalizes on the early detection and response capabilities of your SIEM.