Lessons from The Cheshire Cat in Concealment & Misdirection
Cyber deception has come a long way from deploying honeypots on the external interface to research attack activity. Nowadays, deception technology has matured such that savvy CISOs consider it a necessary function of a Zero Trust Architecture, particularly with the following use cases:
• Insider threat detection
• Ransomware
• Active Directory protection
• Identity and credential protection
• Unmanaged device protection
Today, there is more to modern deception than just deploying bait and decoys inside the network. Innovations in concealment technology specifically derail attackers using advanced credential attack techniques. By hiding and denying access to sensitive or privileged production credentials, objects, and data, attackers only see the bait at the endpoints and in Active Directory.
Unleash the Cheshire Cat to bring chaos to attackers. Join this session to learn about deception’s progression from simple honeypots and honeytokens, its place in a zero-trust environment, and concealment’s role in misdirecting and misinforming attackers.
Guest Speaker
Joseph Salazar – Attivo Networks
Joseph Salazar is a veteran Information Security professional with over 25 years of military and civilian experience. He is a retired Major from the US Army Reserves, having served 22 years as a Counterintelligence Agent, Military Intelligence Officer, and Cyber-Security Officer. He’s been a Systems and Security Administrator, a CSIRT Analyst, a Security Operations Manager, and a Computer Forensic Investigator in his civilian career. He maintains the CISSP, CEH, and EnCE certifications, holds a BA in Legal Studies from UC Berkeley, and currently works for Attivo Networks in Technical Marketing. With your host, Gary S. Miliefsky, Chairman, Cyber Defense Media Group and Publisher of Cyber Defense Magazine.
FAIR USE NOTICE: Under the “fair use” act, another author may make limited use of the original author’s work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material “for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.” As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner’s exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.
Source: www.cyberdefensemagazine.com