Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Beth Ruck

Recent Posts

A Deception Technologist's View of Cloud Security

Posted by Beth Ruck on May 22, 2019 2:47:12 PM

As I sat down to write this post, I couldn’t help amusing myself with yet another corny “cloud” analogy: The potential for lateral movement between different parts of the extended corporate ecosystem is a bit like all the different types of lightening there are. If, besides being a tech geek, you are also a weather geek, you can read about lighting here. Among other things, this site explains that “Anvil Crawlers are horizontal tree-like, in-cloud lightning discharges whose leader propagation is slow enough… that a human observer… can see its rapid motion across the sky.” Where cloud security is concerned, Illusive’s aim is to make malicious lateral movement to, from, and between clouds slow and visible to the human eye—so that security teams can stop cyberattacks before a successful strike.

Read More


Deception Helps Improve Security Operation Center Efficiency

Posted by Beth Ruck on May 9, 2019 12:37:41 PM

It's no secret that SOCs are overwhelmed. Many organizations are under constant attack, but SOC teams are so barraged by alerts that they can’t discern real from noise. If you missed our webinar with Forrester, Improving SOC Efficiency with Deception, watch it here. Learn how a deception technology approach can end the nonstop "hamster wheel" reaction cycle—and significantly boost both incident response (IR) capabilities and the overall productivity of security operations teams.

Read More


How Cyberattackers Use Privileged Credentials to Establish Domain Persistence?

Posted by Beth Ruck on Mar 21, 2019 5:22:27 PM

The top risk cyberattackers face is the risk of getting caught. But executing an attack is typically a labor-intensive process. Attackers also worry that the access they’ve worked so hard to establish might suddenly get cut off if a password gets changed or an account they’re using is retired or removed from the domain.

Read More


Ponemon Report: How Security Teams Defend After a Security Breach

Posted by Beth Ruck on Nov 15, 2018 9:57:52 AM

Moody's Cyber Risk Group: “Cyber becomes more and more important.”

On November 12, Moody’s announced its intent to start incorporating in its credit rating method the degree to which an organization faces risk of major impact from a cyberattack. This follows the news, back in February 2018, that the Securities and Exchange Commission issued additional guidance on its requirement that public companies must “inform investors about material cybersecurity risks and incidents,” even if they have not yet been the target of a cyberattack.  

Read More


Deception Platforms Noted in Gartner's Hype Cycle Report

Posted by Beth Ruck on Jul 31, 2018 3:04:35 PM

What a difference a year makes.

In 2018, we find deception platforms listed with a “High” Benefits Rating in Gartner’s Hype Cycle for Threat-Facing Technologies2018.

Read More


Digital Transformation & Early Threat Detection in the Kill Chain

Posted by Beth Ruck on Jul 27, 2018 1:02:22 PM

It goes without saying that digital transformation—the reengineering of core business processes leveraging digital technology—dramatically increases cyber risk for most organizations. It usually results in greater avenues of connectivity, collection of richer data from more sources, use of cloud services, extension of trust to more people and entities, and incorporation of smart devices in one form or another.

Read More


Stay up to date!