Resources
Detection of Prevalent Threats by Distributed Deception
Today’s breaches are overwhelmingly carried out in a series of sophisticated, multi-stage attacks. The stages of such attacks can best be described by a “Cyber Kill Chain,” which, as per the MITRE ATT&CK Adversary Tactic Model [1], breaks down cyber intrusions into the...
Hiding in Plain Sight: How to Operationalize Deception for Security Teams
Honeypots. Just those three syllables are enough to cause instant nausea in a cyber security professional. Why? Honeypots are hard to operationalize into an effective, easy-to-use and consistent defense. But times are changing with the proliferation of deception...
If Deception is so Great, Why Isn’t Everyone Doing it?
Using deception as a threat detection solution would seem to be a no-brainer: It can detect malware at multiple points in the kill chain, with no false positives and no modifications or impact to production systems. Everyone must be doing it, you would think....
Booz Allen Hamilton Announces Global Partnership with Acalvio to Provide Advanced Cyber Deception Capabilities
Booz Allen Hamilton announced a global partnership with Acalvio today to provide Advanced Cyber Deception Capabilities to Government and Commercial Organizations.
Why deception is necessary for the cyber security?
When I joined Acalvio, a stealth deception startup, one of the most commonly asked questions from my co-workers and friends started like this: okay tell us why deception was so important that you’d move away from DNS security - a subject you have enjoyed working on...
DECEPTION: YOU KEEP USING THAT WORD…
Cyber deception. Do you know what it means?
Combating Log4Shell Exploits
Apache Log4j is a Java library that is used to log messages (for diagnostics, troubleshooting, auditing, and information). This library also provides the ability to log information to various destinations such as databases, file consoles, and syslog, making it the...
Your Building’s Cyber Defenses Have Been Upgraded!
Today, Honeywell and Acalvio announced the launch of Honeywell Threat Defense Platform (HTDP) Powered by Acalvio. HTDP brings a new approach in the ongoing effort to secure Operational Technology (OT) networks including those networks running the health and safety...
Acalvio ShadowPlex Awarded FedRAMP Ready Status – Active Defense for Federal Government Agencies
Today we are pleased to announce that Acalvio’s cloud-based ShadowPlex Active Defense platform has been awarded FedRAMP Ready status by the US Government’s General Services Administration. This award demonstrates…
Microsoft Active Directory Security Part 3: A Deception-Based Approach
Previously, we covered understanding AD Attack Surface and AD Attack Paths on this Active Directory Protection blog series. This post looks at Acalvio’s novel approach to protecting Active Directory against advanced persistent threats.
Microsoft Active Directory Security Part 2: Decoding Active Directory Attack Paths to High-Value Targets
In a previous blog, we provided an overview of the (unfortunately quite complex) Active Directory Attack Surface. In Part 2 of this series, we’ll explore how attackers plan their movement and traverse attack paths once they have discovered AD vulnerabilities and misconfigurations that they can exploit.
Microsoft Active Directory Security Part 1: Understanding the Attack Surface
In the recent SolarWinds hack and Ransomware attack on Colonial Pipeline, Active Directory (AD) compromise was at the core of the attack playbook. In this 3-part blog series, we look at protecting Microsoft Active Directory – which is central to most enterprise infrastructure layouts.