Deception in Depth – The Architecture of Choice
Deception in Depth Architecture
TrapX Deception in Depth multi tier architecture presents the deception attack surfaces that best match attacker activity. Learn more below – see our 3 tiers of capability.
Console with Attack Visualization
New expanded visualization enables the security operations team to rapidly understand the activities of the attacker over time, from the originating intrusion to the assets they are engaging with, to the final containment.
New attack identification automatically determines if an attack is being conducted by a human attacker, or automated attack tools, giving security teams a better understanding of the attack and subsequent containment methods.
Enhanced Security Modules and Automated Provisioning
AIR Module provides rapid automated forensic analysis of suspect endpoints which is triggered by indications of compromise (IOCs) identified by DeceptionGrid traps. CryptoTrap Module is designed specifically to deceive, contain, and mitigate ransomware early in the exploitation cycle, halting the attack while protecting valuable resources. Automated Provision of Deception Components. DeceptionGrid scans your existing network and provisions hundreds-to-thousands of deception components including Tokens (lures) and Traps (decoys).
Deception in Depth – Tier 1
Deception Tokens (lures) appear as ordinary files, scripts and databases, are embedded within real IT assets to bait and divert attackers.
New active traps functionality creates a stream of false network traffic between deployed traps to confuse and divert attackers that monitor the network traffic.
Deception in Depth – Tier 2
Medium Interaction Emulated Traps
Our patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and more.
The patented medium interaction traps now include expanded templates for specialized devices based on industries. These templates include, ATM’s and SWIFT assets for financial services, or Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more, allowing customers to determine if attackers are targeting specialized devices that are often vulnerable to attack.
Deception in Depth – Tier 3
High Interaction (Full Operating System) Traps
DeceptionGrid enables the provision of full operating system (fullOS) traps. Our medium interaction traps automatically extend engaged attackers through our smart deception to our fullOS decoys for the deepest attacker diversion and engagement. FullOS traps also enable customers to clone existing assets – you can completely replicate actual production servers to further deceive attackers.