Good thing about when Anton is away is I’m always able to jump and announce our new research ahead of him
So, the update to our “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” paper has finally been published. This is a minor update, but as with every updated paper, it has changed for better. Some of the highlights
- New, and more beautiful pictures (thanks to our co-author Anna Belak for making our papers look 100% better on the graphics side!)
- Additional guidance on how to test deception tools (tip: put your Breach and Attack Simulation tool to use!)
- A better understanding on how the Deception Platforms are evolving and what are the current “must have” features you’ll find there
We also tuned key findings and recommendations, including these:
- Evaluate deception against alternatives like NTA, EDR, SIEM and UEBA to detect stolen-data staging, lateral movements, internal reconnaissance and other attack actions within your environment.
- Deploy deception-based detection approaches for environments that cannot use other security controls due to technical or economic reasons. Examples include IoT, SCADA, medical environments and highly distributed networks.
from Augusto Barros https://ift.tt/2Xjdgm8