Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Gartner Analyst: Every Enterprise Should Use Deception Technology

Posted by Daniel Brody on Sep 5, 2019 2:48:58 PM

Last week, Gartner held the latest iteration of its Security and Risk Management Summit in Mumbai, and Senior Director Analyst Gorka Sadowski echoed what Illusive has been saying for a while: the time has come for enterprises of all kinds to take advantage of next-generation deception technology. Sadowski divided his presentation into three sections, whose titles asked the following questions:

  • Is it the right time for deception solutions?
  • Are deception solutions right for any enterprise?
  • What’s the future outlook for deception platforms?
Read More


Next-Gen Deception Technology: Moving Beyond Honeypots

Posted by Daniel Brody on Aug 22, 2019 3:08:04 PM

Is it time for the proverbial “Honeypots are Dead” Post?

Returning from Black Hat earlier this month, I couldn’t help but reflect on how honeypots were still the first thing that came to mind when many attendees heard the word “deception.” It’s true that when deception technology first emerged years ago, honeypots were the most analogous technology to describe the way deception worked, in that a honeypot tries to trick an attacker into interacting with it. However, deception has come a long way since honeypots materialized in the 1990s and were first commercialized in the 2000s. Call the new generation of deception technology what you will, just don't call it a honeypot.

Read More


The Capital One and Sephora Breaches Show the Limits of Traditional Breach Defense

Posted by Daniel Brody on Jul 30, 2019 3:21:13 PM

One week after Equifax announced the settlement terms of its recent breach, two new breaches are making headlines. First, various outlets reported this week that Capital One, among the top 10 banks by asset size in the US, was victimized by a hacker that gained access to more than 100 million customer accounts and credit card applications in early 2019. The hack is one of the largest data breaches to ever hit a financial services firm. What got compromised? The stolen data includes 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers, 80,000 bank account numbers and an undisclosed number of names, addresses, credit scores, credit limits, balances and other personally identifiable information.

Read More


Gartner: Threat Deception is Powerful, But Only If It Works

Posted by Kirby Wadsworth on Jul 16, 2019 12:08:02 PM

“Deception systems can service many different buyer types and needs, from simply being the only detection system a smaller company owns, to augmenting a more robust detection practice at more mature firms, to highly targeted vertical specialization needs, such as IoT and medical devices.”

Read More


What Do Attackers Really Want? Answer: Your Credentials!

Posted by Ofer Israeli on Jun 27, 2019 11:40:37 AM

You're vulnerable. And cyber attackers know it.

Read More


A Deception Technologist's View of Cloud Security

Posted by Beth Ruck on May 22, 2019 2:47:12 PM

As I sat down to write this post, I couldn’t help amusing myself with yet another corny “cloud” analogy: The potential for lateral movement between different parts of the extended corporate ecosystem is a bit like all the different types of lightening there are. If, besides being a tech geek, you are also a weather geek, you can read about lighting here. Among other things, this site explains that “Anvil Crawlers are horizontal tree-like, in-cloud lightning discharges whose leader propagation is slow enough… that a human observer… can see its rapid motion across the sky.” Where cloud security is concerned, Illusive’s aim is to make malicious lateral movement to, from, and between clouds slow and visible to the human eye—so that security teams can stop cyberattacks before a successful strike.

Read More


Stay up to date!