Deception Campaigns for Deception Authenticity
Maintaining decoy, credential, and deception object authenticity and attractiveness is core to the efficacy and manageability of deception-based threat detection. Attivo Networks provides a variety of deployment options and approaches to keep the deception environment fresh. These deployment options are included through the BOTsink management platform, SCCM, and REST API. To simplify and facilitate deployment at scale, the BOTsink includes the ability to create deception campaigns, which deploy decoy services based on machine learning in the environment. The deception campaigns auto-propose deployment options and facilitate auto-deployment of decoys based on factors such as reconnaissance or suspicious activity.