Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Digital Transformation Calls for Threat Detection Early in the Cyber Kill Chain

Posted by Beth Ruck on Jul 27, 2018 1:02:22 PM

It goes without saying that digital transformation—the reengineering of core business processes leveraging digital technology—dramatically increases cyber risk for most organizations. It usually results in greater avenues of connectivity, collection of richer data from more sources, use of cloud services, extension of trust to more people and entities, and incorporation of smart devices in one form or another.

Read More


Excavating Command Line History for Live Response by illusive Labs

Posted by Gily Netzer on May 31, 2017 9:00:00 AM

Security researchers build their understanding of attackers’ actions slowly—over time and with considerable attention to subtle details. It’s not unusual to examine hundreds or thousands of artifacts to find just one that will shine the light on an attacker’s activity.

Read More


Timeline Analysis Based on Time Stamped Forensics

Posted by Hadar Yudovich on Feb 2, 2017 2:49:35 PM

Hi Readers,

Welcome back to the second installment of our DFIR blog!  If you didn’t read Introduction to Digital Forensics and Incident Response check it out.  

Let’s get started on our next chapter, Timeline Analysis and Time Stamped Forensics.

A Chapter from Your Favorite Crime Novel

In one of his blog posts, Corey Harrell described timeline analysis as a "great technique to determine the activity that occurred on a system at a certain point in time".  When referring to DFIR, we would take it one step further: timeline analysis is necessary for effective incident response.

Read More


Introduction to Digital Forensics & Incident Response (DFIR)

Posted by Hadar Yudovich on Dec 13, 2016 8:53:42 AM

Practically, conducting digital forensics analysis is the procedure of investigating security alerts or suspicions of malicious activity in a computer network.

I like to think of DFIR as a procedure analogous to a military debriefing.
When fighter pilots return from an operative mission, they immediately conduct a debrief, which covers the objectives, what worked and what didn’t, and exactly how the next mission will be improved upon to complete each objective.  Digital Forensics is really no different and here's why ...

Read More


Stay up to date!