Prevasive Deception Technologies - Open Source
Discover and identify all the assets in your environment's attack surface.
Identify vulnerabilities, misconfigurations, and other weaknesses.
Understand vulnerabilities in the context of business risk and use that data to prioritize work efforts.
Show successful remediation of vulnerabilities and misconfigurations.
Then prepare to deploy decoys.
Strategically deploy deception technologies
Deploy specialized decoys, designed for every environment.
An interactive decoy is used to engage and observe an attacker by allowing open access to the decoy. The decoy is filled with vulnerabilities and default settings but contained within a hidden segment, and explicitly denied access to any real system. Tunnels are used to establish connections with decoy cloud and decoy ICS segments.
Delay and defeat threat actors before they can cause any harm.
As threats age in the environment, they mature and become more potent. They’re taking advantage of multiple attack points in your systems and networks and hijacking users’ credentials at a low and slow pace. Threat actors are often greedy and make mistakes, and you should never interrupt them as they err. Learn the attacker's tactics, observe, delay, and defeat them by sending them or their bots into a dark infinite loop.
Deceive and observe the attacker's tactics, techniques and procedures, with clear visual details of the attacker's context.
never fight a battle which you can avoid
In the evolving threat landscape, security leaders are concerned about maintaining business resiliency in the face of cyber threats including ransomware, zero-day attacks that target legacy systems, and lateral attacks. These threats don't only affect IT networks; they can have an impact on interconnected OT networks as well. Existing cyber security solutions are based on inspecting data packets and logs, but with the large amount of data, most of it encrypted, this amounts to a daunting and expensive task. In addition, given the complexity and nefariousness of modern cyber attacks and their tactics, techniques and procedures, locating bad actors and/or content amounts to finding a needle in a haystack.
Deception can be a complementary approach: luring an attacker to "fake targets", with poisoned data, servers, networks, etc. This is to observe the attacker's tactics, tools, and techniques, among other things. Every alert from the deception farm is a "needle", or an actionable alert, which can be an indicator of compromise, attack, or threat. This offensive strategy is necessary for large homogeneous environments, where collecting large amounts of data may be cost-prohibitive or perhaps just useless.
Project Needle Implementation and Support
DECEIVE | OBSERVE | EXPOSE | DEFLECT | ELIMINATE