Industry research and advisory firm Gartner has been tracking deception technology for a while now. Research Director Lawrence Pingree wrote about it in 2015. Now, Gartner identifies deception as a top security technology for 2016 in a list it has released.
The research firm just released its list of the ‘Top 10 Technologies for Information Security in 2016’, and deception technology is one of the technologies they recommend. Here’s what they have to say:
Deception technologies are defined by the use of deceits and/or tricks designed to thwart, or throw off, an attacker’s cognitive processes, disrupt an attacker’s automation tools, delay an attacker’s activities or disrupt breach progression. Deception technologies are emerging for network, application, endpoint and data, with the best systems combining multiple techniques. By 2018, Gartner predicts that 10 percent of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers.
The other technologies that made the list are:
- Cloud Access Security Brokers
- Endpoint Detection and Response
- Nonsignature Approaches for Endpoint Prevention
- User and Entity Behavioral Analytics
- Microsegmentation and Flow Visibility
- Security Testing for DevOps (DevSecOps)
- Intelligence-Driven Security Operations Center Orchestration Solutions
- Remote Browser
- Pervasive Trust Services
The growing interest in deception platforms is a result of the realisation that legacy detection systems are too focused on the ever-changing tools of the attacker, and do not deploy defences that are unique from organisation to organisation. As a result, attackers can easily modify their tools to evade these static defences. The evidence is the number of high-profile breaches that have succeeded in spite of antivirus, SIEM, sandboxing and other traditional defences being in place.
Deception technology is now in its 3rd generation. If you want to learn about how it offers greatly improved cross kill-chain threat detection along with response mechanisms, read this blog post.