Blog Page Header (3)
Facebook
Twitter
LinkedIn
WhatsApp

QMasters Exclusive Product: IllusionBLACK

Presenting:  IllusionBLACK Deception Defense Platform by Smokescreen

When is This Product Useful?

IllusionBLACK’s detection and response platform is essential when your company is the target of one of the following attacks:

  • Web Application Attacks
  • Targeted Threats
  • Lateral Movements
  • Social Engineering
  • Ransomware Attacks
  • Malware-less Attacks

 

How Does it Work?

IllusionBLACK creates decoys (fake systems) on the network that look like real servers hosting services – databases, web-servers, applications, file shares, etc. These decoys are deployed alongside your real assets in your datacenter.

The platform also creates fake credentials, cookies, processes and files that serve as lures for attackers and are deployed on your real endpoints. For an attacker who has broken in, the decoys look as real a legitimate system. The moment they interact with a decoy, a silent alarm is raised while the systems collect information on the attacker’s actions and intent.

Automated response actions can be set up though integrations with popular firewalls and EDRs.

 

PROBLEMSOLUTION

Low Network Visibility

With complex and vast networks, businesses have very little visibility behind their perimeter. This makes it extremely difficult to detect intrusions

Network and Endpoint Deception

Decoys and lures placed across the network detect intrusions giving you unparalleled visibility into malicious activities in your network

 

Changing Attack Tactics

Apex attackers constantly change their tools and tactics making signature and behavior-based detection ineffective. Thus, businesses struggle with detecting APTs, zero-days, and new strains of malware.

Attack Agnostic Detection

Deception technology does not rely on signatures or behavior to detect attacks. Any interaction with a decoy is suspicious making it effective in detecting attacks irrespective of tools or tactics used.

 

False Positives

Traditional security solutions generate thousands of alerts leaving security teams overwhelmed. This leads to event fatigue, data paralysis, and missed alerts. The problem is pervasive. The attack at Target Corp was detected but no one noticed – it was lost in the noise.

Higher Quality Alerts

By design, deception is a low false positive solution. No one knows that decoys exist in the network/ Therefore, no legitimate user should be accessing a decoy. As a result, any interaction with a decoy is a high-confidence, high-fidelity indicator of a breach

 

 Pros:

  • Provides all of the deception capabilities in one place
  • Uses machine learning to understand risk of each activity and helps you decide if the attack is real
  • Threat prevention automation – if it is configured correctly, it can automatically block a threat
  • Smokescreen was the original inventor of private threat intelligence, so this tool is the real deal.

 

Cons:

  • IllusionBLACK is not suited for companies with less than 500 assets. If that’s you – don’t waste your money, this isn’t for you!

Share:

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Subscribe to “Cyber by QMasters” to stay in-the-know!
Don’t worry, it’s once a month.

Contact Us.