Presenting: IllusionBLACK Deception Defense Platform by Smokescreen
When is This Product Useful?
IllusionBLACK’s detection and response platform is essential when your company is the target of one of the following attacks:
How Does it Work?
IllusionBLACK creates decoys (fake systems) on the network that look like real servers hosting services – databases, web-servers, applications, file shares, etc. These decoys are deployed alongside your real assets in your datacenter.
The platform also creates fake credentials, cookies, processes and files that serve as lures for attackers and are deployed on your real endpoints. For an attacker who has broken in, the decoys look as real a legitimate system. The moment they interact with a decoy, a silent alarm is raised while the systems collect information on the attacker’s actions and intent.
Automated response actions can be set up though integrations with popular firewalls and EDRs.
Low Network Visibility
With complex and vast networks, businesses have very little visibility behind their perimeter. This makes it extremely difficult to detect intrusions
Network and Endpoint Deception
Decoys and lures placed across the network detect intrusions giving you unparalleled visibility into malicious activities in your network
Changing Attack Tactics
Apex attackers constantly change their tools and tactics making signature and behavior-based detection ineffective. Thus, businesses struggle with detecting APTs, zero-days, and new strains of malware.
Attack Agnostic Detection
Deception technology does not rely on signatures or behavior to detect attacks. Any interaction with a decoy is suspicious making it effective in detecting attacks irrespective of tools or tactics used.
Traditional security solutions generate thousands of alerts leaving security teams overwhelmed. This leads to event fatigue, data paralysis, and missed alerts. The problem is pervasive. The attack at Target Corp was detected but no one noticed – it was lost in the noise.
Higher Quality Alerts
By design, deception is a low false positive solution. No one knows that decoys exist in the network/ Therefore, no legitimate user should be accessing a decoy. As a result, any interaction with a decoy is a high-confidence, high-fidelity indicator of a breach
- Provides all of the deception capabilities in one place
- Uses machine learning to understand risk of each activity and helps you decide if the attack is real
- Threat prevention automation – if it is configured correctly, it can automatically block a threat
- Smokescreen was the original inventor of private threat intelligence, so this tool is the real deal.
- IllusionBLACK is not suited for companies with less than 500 assets. If that’s you – don’t waste your money, this isn’t for you!