Resources
Detection of Prevalent Threats by Distributed Deception
Today’s breaches are overwhelmingly carried out in a series of sophisticated, multi-stage attacks. The stages of such attacks can best be described by a “Cyber Kill Chain,” which as per MITRE ATT&CK Adversary Tactic Model [1] breaks down cyber intrusions into the...
Hiding in Plain Sight: Streamlining Deception for Security
Honeypots. Just those three syllables are enough to cause instant nausea with a cyber security professional. Why? Honeypots are hard to operationalize into an effective, easy to use and consistent defense. But times are changing with the proliferation of deception...
If Deception is so Great, Why Isn’t Everyone Doing it?
Using deception as a threat detection solution would seem to be a no-brainer: It can detect malware at multiple points in the kill chain, with no false positives and no modifications or impact to production systems. Everyone must be doing it you would think....
Booz Allen & Acalvio Partner for Advanced Cyber Deception
Booz Allen Hamilton announced a global partnership with Acalvio today to provide Advanced Cyber Deception Capabilities to Government and Commercial Organizations.
DECEPTION: YOU KEEP USING THAT WORD…
Cyber deception. Do you know what it means?
Your Building’s Cyber Defenses Have Been Upgraded!
Today, Honeywell and Acalvio announced the launch of Honeywell Threat Defense Platform (HTDP) Powered by Acalvio. HTDP brings a new approach in the ongoing effort to secure Operation Technology (OT) networks including those networks running the health and safety...
Acalvio ShadowPlex Awarded FedRAMP Ready Status by US government
Today we are pleased to announce that Acalvio’s cloud-based ShadowPlex Active Defense platform has been awarded FedRAMP Ready status by the US Government’s General Services Administration. This award demonstrates…
Microsoft Active Directory Security Part 3: A Deception-Based Approach
Previously, we covered understanding AD Attack Surface and AD Attack Paths on this Active Directory Protection blog series. This post looks at Acalvio’s novel approach to protecting Active Directory against advanced persistent threats.
Microsoft Active Directory Security Part 2: Decoding Active Directory Attack Paths to High-Value Targets
In a previous blog, we provided an overview of the (unfortunately quite complex) Active Directory Attack Surface. In Part 2 of this series, we’ll explore how attackers plan their movement and traverse attack paths once they have discovered AD vulnerabilities and misconfigurations that they can exploit.
Microsoft Active Directory Security Part 1: Understanding the Attack Surface
In the recent SolarWinds hack and Ransomware attack on Colonial Pipeline, Active Directory (AD) compromise was at the core of the attack playbook. In this 3-part blog series, we look at protecting Microsoft Active Directory – which is central to most enterprise infrastructure layouts.
OT Risk Management – Deceiving Your Way to IT/OT Convergence
Securing Operational Technology (OT) networks is definitely “a thing” these days. OT environments include specialized equipment (e.g. PLCs) that monitor and control production facilities such as refineries, manufacturing plants and utilities. The stakes are high with respect to potential business continuity and safety impacts if something is compromised.
The Solarwinds Attack – Don’t Trust; Always Verify
What’s the biggest lesson from the SolarWinds fiasco? Just focusing security defenses on the most common means of penetrating an organization doesn’t cut it.