Deception Technology for the Financial Sector

Early Detection of In-Network Threats

Deception provides early in-network threat detection of external, insider, and 3rd party attacks. Achieve accurate threat detection of reconnaissance and credential theft activities as attackers are deceived into engaging with decoys, deception lures, and bait designed to entice hackers into revealing themselves.

Detection of Credential Based Attacks

Strengthen endpoint defenses with The Attivo Networks ThreatStrike solution, which provides a customizable and nonintrusive deception technology designed to misdirect and detect credential based attacks from infected endpoints, servers, and VMs. Quickly understand which systems have been compromised and set up application decoys to see what credentials are being misused. Extensive native integrations provide seamless integration with major EDR systems for fast deployment, information sharing, and accelerated incident response .

SWIFT Environment Threat Deception & Decoy

Financial institutions can use deception technology to guard against attacks on SWIFT financial messaging software from attacks from external adversaries, insiders, and suppliers.

Deceptive SWIFT credentials will misdirect attackers to detection servers and SWIFT- based application decoys will attract adversaries into engaging. Collectively, these deceptions, will provide fast and accurate alerts of attempt by attackers to load SWIFT malware or send fraudulent SWIFT messages. The deception platform also captures message content to identify the destination accounts used for fraud.

Supply Chain & 3rd Party Vendors

Many financial institutions depend on partnerships to complete financial transactions, reduce costs, and for maintaining compliance. These third-party vendor relationships can often become the weakest link for an institution, with shared security models requiring additional security measures to verify for compliance and reliability.

Deception technology adds detection security controls for validating if shared security models are working and if there are policy violations occurring that could create risk for the organization. Deception can also be useful in M&A environments where the acquired company’s infrastructure could be less advanced and where connected networks need additional visibility and detection.

Verify Integrity & Reduce Attack Surface

Today’s attack surface is rapidly changing and early visibility is needed in order to understand if unauthorized devices are added to a network. This could be in the form of IOT, BYOD, or compromised device.

Deception provides organizations with a view of network changes along with exposed credentials or misconfigured systems. Originally designed to automate the preparation and deployment of deception campaigns, these tools provide valuable insight and control to reduce the attack surface. Additional tools for CVE attack simulation and testing the attractiveness of the deception are also available within the ThreatDefend platform. Deception can also play a valuable role in pen testing.