Today we announced the acquisition of TopSpin Security, an intelligent deception security vendor. We’re extremely excited about bringing the TopSpin DECOYnet technology and expertise into the Fidelis family.
Automated Detection & Response Gets Deception
TopSpin was recognized by Gartner as a 2017 Gartner Cool Vendor for IoT Edge Computing and Ovum for innovation in intelligent deception. Their combination of adaptive deception networks, traffic analysis, asset profiling and traps, lures and decoys enhances the automated detection and response focus of Fidelis and our flagship ADR platform, Fidelis Elevate.
Deception technology has evolved substantially from the days of static honeypots. By incorporating adaptive deception into the Fidelis solution family, we are able to drive down false positive rates to near zero, instantly validate attacks that are happening even before they reach their targets and automate response workflows that capture and record attack data.
TopSpin’s DECOYnet is now powered by Fidelis.
How It Works
TopSpin’s approach is innovative and flexible, allowing for adaptation to the changing topology and patterns of the network; including the network edge. The approach is passive-perpetual and incorporates 5 pillars.
- Discover: Leveraging its advanced traffic analysis and egress analysis engines, DECOYnet powered by Fidelis passively scans the network to discover activities and profile every device, including devices on the network edge. The devices are mapped according to their location, use, type, protocol etc. This process perpetual.
- Deceive: DECOYnet powered by Fidelis applies the information gathered during the discovery stage to automatically build a deception layer. It creates decoys that are identical to the types of devices used in the organization.
- Distribute: DECOYnet powered by Fidelis automatically distributes and strategically places decoys throughout the network, including at the edge, based on information gathered in the discovery stage. At the same time, DECOYnet seeds breadcrumbs in real assets that point to the decoys.
- Detect: Every access or attempted access to a decoy triggers a validated alert. Security teams receive a full forensics report about the machine/s that attempted to access the decoy. This approach has zero false positives as every attempt to access a decoy indicates an activity requiring immediate response.
- Adapt: Constantly watching the network traffic, DECOYnet powered by Fidelis actively adapts to dynamic network conditions, including new assets and devices that are added and introduced. This ensures that the decoy network is never stale and the breadcrumbs and lures are always relevant to unsuspecting attackers.
The Future: Fidelis’ Commitment & Investment
We’re committed to current TopSpin customers and excited about future Fidelis deception technology customers.
Fidelis continues to innovate and drive the emergence of the automated detection and response with this acquisition. Stay tuned as we integrate, innovate and automate.