We give you the complete story so you can make the right decisions and benefit from clarity & visibility – without all the noise.
DECOYnet(TM) learns the organizational network and deploys decoys that mirror valuable assets, applications and data. Then, it intelligently places mini-traps on endpoints and servers to lure attackers into the decoy – exposing their presence, slowing their attack and ultimately defusing the attack.
After learning the organizational network, DECOYnet automatically sets up decoys and traps. These act like regular network assets and advertise themselves to attract the attention of malware and malicious users.
Using targeted mini-trap placement technology, DECOYnet strategically places fake data files, credentials, drives, cookies and registries. These deceive attackers, leading them away from sensitive information and into decoys.
DECOYnet slows down attacks and minimizes the damage with advanced attack interference techniques like: Adjusting decoy TCP stream to enable a slower or faster interaction; Allowing password guessing to prolong engagement; Feeding larger than requested files, and more
DECOYnet’s adaptive deception layer continuously monitors the network and quickly adapts to changes in the environment
DECOYnet detects anomalies, malicious activity, data exfiltration, malware communication with command and control – all while providing network communication channel clarity. DECOYnet allows organizations to understand data flowing out from the organization, identify gaps in policy enforcement, and enforce policies.
Identify unauthorized processes, applications and behavior that cannot be detected by perimeter and standard cyber defenses
Track and record all network communication channels according to their functionality class – updaters, common tools, shadow IT, SSL channels and home-grown apps
ELIMINATE NETWORK BLINDSPOTS
Expose communication channels unknown to the organization and assign each a threat level
Non-intrusive, out-of-line solution with zero impact on productivity and network performance
DECOYnet correlates multiple data points, security events and feeds from third party tools to deliver real context to attacks. In real time, DECOYnet transforms dozens of events into actionable incidents – reducing false-positives and lowering the burden on security personnel.
MINIMIZING THE NOISE
Correlating multiple events into single incidents by combining data from decoys and traps with internal and egress traffic monitors
Constantly monitors traffic to detect suspicious activities and assess threats before they become critical
CLEAR AND SIMPLE REPORTING
Easy-to-read reports managed via user-friendly threat-intelligence dashboard allow even L1 engineers to stay on top of complex security issues
ENHANCE EXISTING SECURITY TOOLS
Easily integrated with third-party solutions, SIEM/SOC, and reporting tools to improve threat intelligence