Category: Philosophy

Since there’s precious little information on how security teams can make deception implementations successful (some folks like to keep it a secret), there’s plenty that can go wrong. Here are 7 ways to completely botch your deployment of deception technology.

Signatures take a beating in most conversations in security. What, if anything, are they actually good for, then? Team Smokescreen stands up for the rights of the humble signature, explaining why they’re misapplied and how to better use them for defence

People often ask me about ‘adversarial thinking’ — that somewhat amorphous concept that defines security folk with the uncanny ability to mentally model how things can break. Here’s how you approach it.

The parallels between deception in the real-world, and deception in cyberspace are clear and easy to understand. However, deception in the digital battlefield is far more nuanced — it’s easy to do it badly, and far harder to get it right. Which makes it rather similar to a more traditional security practice — cryptography.

Deception has a centuries-old successful history in military warfare. Military doctrine from Sun Tzu, Genghis Khan, and Machiavelli, all the way through the Second World War has stressed the importance of deceiving the enemy to know their plans and thwart their objectives.