A new and deadly generation of remotely controlled targeted corporate network attacks is challenging core network security assumptions, making prevention centric strategies obsolete. While network security teams are starting to shift their focus from perimeter defense to post-breach detection, traditional detection tools fall short of the mark, either generating far too many false-positives or altogether failing to detect attacks in real time.
Deception — the use of decoys, traps, lures, and other mechanisms — is quickly gaining the attention of organizations seeking an effective and efficient post-breach detection defense. Fidelis Cybersecurity conducted an exercise to investigate the effectiveness of deception defenses in a real-world network environment in which more than 50 professional hackers and security experts used their knowledge and skills to try to extract a pre-defined piece of data and stay undetected.
The exercise was conducted as a Capture the Flag (CTF) challenge; and in addition, the environment was tested against a variety of malware programs.
View the webinar to learn more about:
- What resources caught the attacker’s attention?
- What deception mechanisms were most successful in tripping attackers?
- How are human attackers different than malware?
- Why is the ‘Knowledge Gap’ concept important?
Tom Clare, Product Marketing, Fidelis Cybersecurity