Resources
Comprehensive Identity Protection through ITDR
Identity-based attacks are rising dramatically. According to Verizon’s 2022 Data Breach Investigations Report, credential-based attacks have become the top path for threat actors to reach enterprise information assets.
Important MITRE ATT&CK Use Cases That Make It Compelling
As discussed in our previous blogs, the MITRE ATT&CK framework is a critical technology resource that can help you systematically evaluate your security measures against the potential threats you may encounter. Understanding the weaknesses in your current...
WannaCry Ransomware Analysis: Lateral Movement Propagation
In May 2017, the WannaCry ransomware attack made front-page news around the world, with at least 150 countries and over 200,000 customers affected by the attack. The WannaCry ransomware made use of an exploit that targeted the SMB protocol of Microsoft Windows.
What is an Active Directory? Why is it Important?
Microsoft created Active Directory (AD), a directory service for Windows domain networks. It offers authentication and authorization services along with a centralized location for storing and managing data about resources and users on a network. AD is crucial for...
Using Generative AI to create deceptions for Identity Protection
Generative AI has taken the world by storm. It has become an exciting and rapidly developing field that involves the creation of images, videos, music, text, and other data using generative AI models.
Deception in Depth: A Novel, Effective Way to Mitigate Attacks from the Inside
Recently, an interesting survey pointed out that malware attacks are going fileless. In some cases, this means even using an internal employee to help with the process. For example, the attack on the Bank of Bangladesh and you quickly realize that advanced attackers...
Threat Hunting the Modern Way
When you think threat hunting, what comes to mind? For most enterprise security staff, the answer is “Hmmm, not sure if that’s for me”.
Detection of Prevalent Threats by Distributed Deception
Today’s breaches are overwhelmingly carried out in a series of sophisticated, multi-stage attacks. The stages of such attacks can best be described by a “Cyber Kill Chain,” which as per MITRE ATT&CK Adversary Tactic Model [1] breaks down cyber intrusions into the...
Hiding in Plain Sight: How to Operationalize Deception for Security Teams
Honeypots. Just those three syllables are enough to cause instant nausea in a cyber security professional. Why? Honeypots are hard to operationalize into an effective, easy-to-use and consistent defense. But times are changing with the proliferation of deception...
If Deception is so Great, Why Isn’t Everyone Doing it?
Using deception as a threat detection solution would seem to be a no-brainer: It can detect malware at multiple points in the kill chain, with no false positives and no modifications or impact to production systems. Everyone must be doing it you would think....
Booz Allen Hamilton Announces Global Partnership with Acalvio to Provide Advanced Cyber Deception Capabilities
Booz Allen Hamilton announced a global partnership with Acalvio today to provide Advanced Cyber Deception Capabilities to Government and Commercial Organizations.
Why deception is necessary for the cyber security?
When I joined Acalvio, a stealth deception startup, one of the most commonly asked questions from my co-workers and friends started like this: okay tell us why deception was so important that you’d move away from DNS security - a subject you have enjoyed working on...