Solutions

Isolate Real Attacks. Fast.

We give you the complete story so you can make the right decisions and benefit from clarity & visibility – without all the noise.

front-main-icon04

Accurate &
Actionable Incidents

Dramatically minimizes false positives using multiple analysis engines, internal correlation and decoys that mirror your most valuable assets

front-main-icon05

Avoid Overloading
Your Security Teams

Actionable intelligence from correlated, quality incidents – instead of thousands of events.

front-main-icon06

Enhance Existing
Security Tools

Easily integrated with third-party solutions, SIEM/SOC, and reporting tools to improve threat intelligence

solution-intel-decept solution-intel-decept

Intelligent Deception

DECOYnet(TM) learns the organizational network and deploys decoys that mirror valuable assets, applications and data. Then, it intelligently places mini-traps on endpoints and servers to lure attackers into the decoy – exposing their presence, slowing their attack and ultimately defusing the attack.

TRAP

After learning the organizational network, DECOYnet automatically sets up decoys and traps. These act like regular network assets and advertise themselves to attract the attention of malware and malicious users.

LURE

Using targeted mini-trap placement technology, DECOYnet strategically places fake data files, credentials, drives, cookies and registries. These deceive attackers, leading them away from sensitive information and into decoys.

DECEIVE

DECOYnet slows down attacks and minimizes the damage with advanced attack interference techniques like: Adjusting decoy TCP stream to enable a slower or faster interaction; Allowing password guessing to prolong engagement; Feeding larger than requested files, and more

ADAPT

DECOYnet’s adaptive deception layer continuously monitors the network and quickly adapts to changes in the environment

solution-traffic solution-traffic

Traffic Analysis

DECOYnet detects anomalies, malicious activity, data exfiltration, malware communication with command and control – all while providing network communication channel clarity. DECOYnet allows organizations to understand data flowing out from the organization, identify gaps in policy enforcement, and enforce policies.

ANOMOLY DETECTION

Identify unauthorized processes, applications and behavior that cannot be detected by perimeter and standard cyber defenses

DETAILED FORENSICS

Track and record all network communication channels according to their functionality class – updaters, common tools, shadow IT, SSL channels and home-grown apps

ELIMINATE NETWORK BLINDSPOTS

Expose communication channels unknown to the organization and assign each a threat level

CONTINUOUS PRODUCTIVITY

Non-intrusive, out-of-line solution with zero impact on productivity and network performance

solution-visibilty solution-visibilty

Security Visibility

DECOYnet correlates multiple data points, security events and feeds from third party tools to deliver real context to attacks. In real time, DECOYnet transforms dozens of events into actionable incidents – reducing false-positives and lowering the burden on security personnel.

MINIMIZING THE NOISE

Correlating multiple events into single incidents by combining data from decoys and traps with internal and egress traffic monitors

RISK ASSESMENT

Constantly monitors traffic to detect suspicious activities and assess threats before they become critical

CLEAR AND SIMPLE REPORTING

Easy-to-read reports managed via user-friendly threat-intelligence dashboard allow even L1 engineers to stay on top of complex security issues

ENHANCE EXISTING SECURITY TOOLS

Easily integrated with third-party solutions, SIEM/SOC, and reporting tools to improve threat intelligence

Related Resources