Bad actors have always had the edge in cybersecurity. After all, the good guys have to secure everything, while the bad guys need find only one vulnerability.
Given the appalling number of breaches over the years, it’s clear that the established crop of cybersecurity products isn’t up to the task of changing this equation and putting the good guys on top.
When I attended this year’s RSA Conference, therefore, I looked for those exceptionally disruptive technologies that promise to turn the tide. Here are my top picks…
Finally, vendors and security professionals alike are coming to realize that the best defense is likely to be a good offense—battling the adversaries on their own turf. Deception technologies are among the most mature of these offensive cybersecurity approaches.
Today’s deception technologies such as that from Attivo Networks are coming into their own, moving beyond simplistic honeypots that seek to lure attackers to bogus targets. Instead, they provide fully realistic environments—from the browser down to the network—to lure attackers in, minimizing damage while gathering intel on their identities and modus operandi.
Honeypots fool attackers into falling into simple traps. In contrast, there is nothing simple about Attivo’s deceptions. Customers can deploy Attivo to mimic any part of their infrastructure, from their endpoints to applications to databases and more.
An attacker with a stolen credential, for example, might believe it has accessed a server, but in reality, Attivo caught it at the login step with a fake Active Directory instance—and tracked the attacker’s behavior from there.
Eventually, attackers get wise that they have been detected, but they are typically unaware that they have fallen for deception technology. Meanwhile, their target victim has mitigated any potential damage, and, for good measure, logged all their interactions for forensic purposes.