Endpoint Deception

Valuable threat intelligence for your production network

For whom is Endpoint Deception suitable?

Even if you regularly update your Software Applications and implement effective patch management for third-party software, there is no such thing as guaranteed full protection. The security of the entire infrastructure will always depend on the weakest element in your network. Experience shows that hackers often find vulnerabilities faster than they are patched by manufacturers.

A breach (possibly still undiscovered) will always be found, or new vulnerabilities will emerge, for example as a result of updates. Phishing attacks, in which the attackers get hold of an employee’s access data directly via fake emails or telephone calls, also play a part.

It is less a question of company size than the willingness or need to take advantage of the latest technology. Even IT security companies can benefit from the added credibility a CYBERTRAP partnership brings, giving them an edge in the marketplace. The threat intelligence information generated by CYBERTRAP Endpoint Deception, provided in real-time and in MITRE/ATT@CK context, helps the SOC team to focus on critical alerts and analyze them more effectively.

Currently, we offer the following packages:

Ioeb Ausgezeichnet Siegel Normal

CYBERTRAP PRO

Ideal for small- and medium-sized businesses that do not have the capacity to deploy a full deception solution.

Discover Pro

CYBERTRAP ENTERPRISE

Large companies as well as critical infrastructure, banks and government agencies that face or have already been victims of targeted hacking attacks.

Discover Enterprise

FAQs

Why are endpoints on the network vulnerable?

Every endpoint in a production network is a potential entry point for a hacker. Once on the network, the attacker can use their specialized hacking tools to move on undetected and elevate their privileges, all the way up to administrator. Research shows that attackers can remain on the network for up to several months before conventional security systems detect them.

 

Which endpoints are most interesting to hackers?

The most interesting endpoints for hackers are those that are poorly monitored or on which the latest software is not or cannot always be installed immediately. They serve as a simple gateway for hackers to navigate their way around the network undisturbed.

 

Why are IoT devices a popular point of attack?

The basic software of IoT devices is a so-called firmware. It is comparable to the operating systems of computers and servers. In many cases, this firmware is obsolete or is not updated as often, and thus the risk that it presents a vulnerability that an attacker can exploit is significantly higher than with conventional operating systems.

 

How is an attacker redirected into the Deception environment?

When our Endpoint Deception is active, a hacker will find deliberately placed but false information as he searches the network. As a result of using this false information, this attacker automatically ends up in a perfect replica of the corporate network (the Deception environment) at which point the responsible IT system administrator gets notified via an alert.

 

Why doesn’t the attacker realize that he is getting false credentials?

The credentials that the attacker receives are intended for actual systems with real operating systems and services, the so-called traps (decoys). Therefore, he can never determine whether these credentials are real or fake because they do not differ in any way from real credentials.

 

How long do hackers without deception technology remain undetected on the network?

The global average of the so-called “dwell time” was recently estimated at 56 days. With CYBERTRAP Endpoint Deception you can reduce the dwell time of otherwise undetected attackers in your network by up to 97%.

What happens next?

Cybertrap Step 1

Perform a cost-benefit analysis

Deception technology can reduce Security Operation Center costs by up to 32% (or $22,747 per SOC analyst per year). Find out more with a personal consultation.

Cybertrap Step 2

Schedule a Demo & Deployment

Once you have completed our free demo session, we will arrange for deployment on the date of your choice. Our security experts will clarify any outstanding questions directly with you.

Cybertrap Step 3

Lock hackers out and optimize systems

The moment an unauthorized query is performed in the Active Directory, you are live. Your company data will remain well protected, and security gaps will be detected and addressed.

Non-binding consultation

We will gladly take the time to answer your questions. After submitting the form, one of our sales representatives will contact you promptly to discuss further about Active Directory Deception.

Your contact person

Carsten Keil

“With CYBERTRAP, our goal is to beat any attackers at their own game and thus offer companies greater security with minimal effort.”

“Never interrupt your enemy while he is making a mistake.”
– Napoleon Bonaparte