Deception Technology
Post-Breach Defense Detection Based on Deception
The newest generation of remotely controlled network attacks is challenging the effectiveness of traditional detection and prevention tools, making prevention-based approaches less effective. It is only a matter of time before determined cybercriminals penetrate your corporate network and systems. This paradigm shift dictates that organizations change their information risk management strategies from prevention-based to post-breach detection security approaches, if they are to maintain and safeguard their cybersecurity posture.
Prevent threat-actors who have managed to infiltrate your network from moving unimpeded for months, stealing data and intellectual property.
In a Nutshell
What is Active Defense
Lay traps to catch attackers in the event of a breach
Lure and deceive attackers into revealing information about them
Buy valuable time by delaying and misdirecting attackers in your network
How it Works
What it does
Defense “Decoys and Beacon Traps” are designed to detect reconnaissance and malware related activity, as well as to access and/or use planned fake information, which may include user access credentials, database connections and network shares, in order to deceive cybercriminals into thinking they have discovered a way to escalate their privileges, perform lateral movement, and/or access sensitive information/data towards achieving their goals.
If threat-actors attempt any probing or access any fake information, ClearSkies™ Active Defense triggers an alert notification, and delivers attack-vector information to ClearSkies™ Cloud SIEM for further analysis before an incident is escalated. Attack-Vector information provides you with valuable intelligence as to how cybercriminals interact with assets, including their methods, purpose and source.
By occupying cybercriminals for as long as possible with decoys and traps, organizations can delay them from achieving their real purpose, thus gaining valuable time to take necessary defensive actions.
Benefits
What you get
Active Defense both compliments and capitalizes on the early detection and response capabilities of your SIEM.
Post-Breach Detection
Minimizes the time between the initiation of an attack and its detection.
Decrease attacker dwell time
Drastically reduces the time a successful attacker spends scouting unnoticed within the corporate network and systems.
Comprehensive visibility
Provides comprehensive visibility of the attacker’s intentions in your corporate network.
Reduced False Positives
Focuses on real threats, thus accelerating your organization’s response and overall cyber defense capability, effectively improving your security posture.
Intelligence Gathering
Helps you gather valuable intelligence and collect valuable forensic information about an attack, including methods used, purpose and source, which can be used to both improve your network and system defenses, as well as to construct and support relevant legal cases against the attacker.
Regulatory compliance
Helps you obtain evidence to meet regulatory compliance requirements.
Scalable
Can be easily scaled at any given time, depending on organizational needs and/or on the information-threat activity level.
No risk
Poses no risk whatsoever to data exchanged/stored and has no impact on the availability/integrity of resources.
Features
What’s under the hood
Automate Incident escalation so your security personnel can be informed even as the attack is already taking place.
Receive incident notifications via email, SMS and/or push notification on smartphones and tablets with ClearSkies™ Mobile App (for iOS and Android) installed. For more detailed information related to incident escalation, refer to the ClearSkies™ Secure Web Portal (SWP) “Event Management” ServiceModule.
Deploy and manage ClearSkies™ Active Defense by your own Security Operations Center (SOC) or by Odyssey’s 24/7 Managed Security/Detection & Response (MDR) Services.
Products
Empower your Active Defence effectiveness with…
Endpoint
Detect & Respond to Malware & Insider Threats Before it is too Late.
Identity & Access
Stay on top of your user base.
Learn More
Get the Datasheet
ClearSkies™ Active Defense both compliments and capitalizes on the early detection and response capabilities of your SIEM.
