Sun Tzu
The Art of War
A toolkit of highly configurable and easily manageable cyber deception capabilities designed to draw adversaries away from your valuable data and identify enemy movement within your environment. Deceive on the network and on the endpoint. Bait the adversary with tempting targets. Confuse the enemy so they make mistakes. All war is based on deception and cyber war is no exception.
Active Directory is a primary target for attackers. CyDec has powerful deception capabilities to protect it.
Make the adversary think they found valuable credentials and get alerted to any attempted use.
Seed endpoints with deceptively named phantom files that can trigger alerts on contact.
Deploy high-fidelity honey pots on the network to entice and confuse an attacker.
Make your systems appear as something else to an attacker fingerprinting your browser and network.
Deceive what an adversary sees on the filesystem or just hide data completely.
Niccolo Machiavelli
Discourses, 1517
When properly applied, cyber deceptions are formidable tools that can be used to identify attacks, highlight adversary movement and protect your valuable information. Deceptions create uncertainty for an attacker, which will lead to costly mistakes and more resources expended.
CyDec's deceptions can be precisely targeted to achieve the level of deception required to protect the things that are most valuable to your organization. This precision ensures that attackers get trapped by the deception while normal users are not even aware that their endpoint is protected.
The high-fidelity sensors, lures and traps that can be deployed by CyDec, along with a variety of system hardening techniques, provide visibility into attacker operations with a near-zero rate of false positives. Contrast that with traditional endpoint defenses and the inevitable alert fatigue, and it is easy to understand how targeted deception can translate into operating efficiencies for your security and incident response teams.
Lieutenant General 'Stonewall' Jackson
1862
The CyDec Platform provides powerful, yet easy-to-use, deception capabilities packaged in a customizable platform to meet your specific requirements. The web-based interface can be deployed locally or in the cloud and the agents can be installed through any existing desktop management solution. And once configured, CyDec just goes. It doesn't require constant tweaking or voluminous log analysis.
Also, unlike other commercial deception solutions, CyDec does not need racks of servers to be installed in your environment to re-create complex networks in order to provide top-notch deception. Instead, CyDec takes the approach that simple is best. By precisely targeting areas within the existing network that attackers are likely to act against, CyDec is able to provide superior detection against even the most advanced adversary, all without unnecessary complexity.
CyDec uses an active and passive approach for adversary detection. On the active side, CyDec will present deceptions based on advanced heuristics and alert if the bait was taken. On the passive side, CyDec constantly monitors the activity of well-placed lures on the network and endpoints. Through this approach, CyDec can easily identify intrusions in any phase of the attack cycle without any prior knowledge of specific TTPs.
The Emperor Maurice
The Strategikon, c. 600 AD
While the full CyDec Platform is an enterprise tool, we do offer a couple of capabilities so that you can try a little cyber deception yourself. Available for free download are an Nmap OS spoofing capability and CyDec Anti-Fp, our anti-fingerprinting browser extensions and associated Windows application.