For multinational banks and other financial services companies, one of the biggest barriers to better security is pure scale. In large environments, where endpoints number in the tens or hundreds of thousands, how can you keep attackers out 7x24x365?
You can’t. Last week’s disclosure of the Equifax breach is yet another reminder. If you can’t always keep them out, you have to detect them quickly.
So endpoint-focused deception technologies are catching on. Putting deceptions everywhere across the environment turns every system into a trap and dramatically increases the odds of detecting attackers soon after they set up shop. But doesn’t that pose another scaling problem?
Actually, no – not with Illusive. Excuse the blatant sales pitch, but the urgency to get ahead of APTs warrants promotion of something that not only works, but works easily. Illusive’s Deception Management System™ (DMS) leverages automation and machine intelligence to operate huge deception environments – not only to push them out, but to manage the entire cycle:
DMS learns your entire environment – what operating systems are running, how systems are used, system naming conventions, what credentials they house, and what other machines they connect to, among other things.
Based on what it discovers, a smart policy engine suggests the menu of deceptions that make sense for each system in your environment.
The Illusive operator can accept the automated recommendations or tune them as needed, but once the deception inventory is approved, deployment to hundreds or thousands of machines is a “one-click” process that completes in milliseconds per system.
On schedule and/or on demand, DMS rediscovers and refreshes the environment to adjust to systems coming on- and off-line, to adapt to changes in how endpoints are used, to respond to attacker behavior, to ensure authenticity, and to keep the ground shifting under the attacker.
This capability, finally, enables a deception environment that not only scales, but is tailored to each unique environment—a baseline requirement for a high-quality deception solution. And it does all this without agents. This is why a number of large financial organizations have chosen Illusive and have deployed our deceptions across massive numbers of systems—hundreds of thousands.
In the coming weeks, we’re going to be at the FS-ISAC Summit in Baltimore and at the SIBOS Conference in Toronto. If you’re going to be there, shoot me an email so we can arrange to show you in person how it works, or you can read more here.