DECEPTION
Lure Attackers to Reveal Their Presence with Advanced Deception Technology
THE CHALLENGE
THE SOLUTION
Cynet prevents execution of malicious code by enforcing a chain of interlocking protection layers on executed files and running processes
DECEIVE ATTACKERS WITH VARIOUS HONEYPOTS: DECOY FILES, PASSWORDS AND NETWORK CONNECTIONS
Cynet deception security supports various types of decoys, to detect threats in various stages of the attack’s lifecycle: data files, credentials and network connections. In each type, the consumption action triggers the alert – login attempt with a decoy password, connection attempt with RDP or URL and opening a data file.
Cynet cyber deception provides both off-the-shelf decoy files as well as the ability to craft your own, while taking into account your environment’s security needs.
DETECT ATTACKS AT THE CREDENTIAL THEFT STAGE:
DECOY PASSWORDS
Passwords are extremely valuable to attackers attempting to expand their foothold within a compromised environment. Cynet crafts and plants text files containing false passwords along attackers’ potential routes. Any attempt to log in with these passwords triggers an alert.
DETECT ATTACKS AT THE LATERAL MOVEMENT STAGE:
DECOY CONNECTIONS
When seeking to expand compromise across the environment to access organizational resources, internal network shares and RDP connections are extremely attractive. Cynet’s decoy connections enable the reliable detection of attackers during the hard –to-detect lateral movement stage.
DETECT ATTACKS AT THE DATA ACCESS AND EXFILTRATION STAGE:
DECOY DATA FILES
DATA FILES
DECOY DATA FILE BEACONING
When an attacker opens a decoy data file at its premise, an alert is triggered and the file sends Cynet the malicious IP address at which it resides.