"All war is based on deception."

Sun Tzu
The Art of War

The Cyber Deception (CyDec) Platform

A toolkit of highly configurable and easily manageable cyber deception capabilities designed to draw adversaries away from your valuable data and identify enemy movement within your environment. Deceive on the network and on the endpoint. Bait the adversary with tempting targets. Confuse the enemy so they make mistakes. All war is based on deception and cyber war is no exception.

Active Directory

Active Directory is a primary target for attackers. CyDec has powerful deception capabilities to protect it.

Honey Creds

Make the adversary think they found valuable credentials and get alerted to any attempted use.

Honey Files

Seed endpoints with deceptively named phantom files that can trigger alerts on contact.

Honey Pots

Deploy high-fidelity honey pots on the network to entice and confuse an attacker.

Spoofing

Make your systems appear as something else to an attacker fingerprinting your browser and network.

Folder Deceptions

Deceive what an adversary sees on the filesystem or just hide data completely.

"Though fraud in other activities be detestable, in the management of war it is laudable and glorious..."

Niccolo Machiavelli
Discourses, 1517

Confuse The Adversary, Not Your Users

When properly applied, cyber deceptions are formidable tools that can be used to identify attacks, highlight adversary movement and protect your valuable information. Deceptions create uncertainty for an attacker which will lead to costly mistakes and more resources expended.

CyDec's deceptions can be precisely targeted to achieve the level of deception required to protect the things that are most valuable to your organization. This precision ensures that attackers get trapped by the deception while normal users are not even aware that their endpoint is protected.

The high-fidelity sensors, lures and traps that can be deployed by CyDec, along with a variety of system hardening techniques, provide visibility into attacker operations while enjoying a near zero rate of false positives. Contrast that with traditional end-point defenses and the inevitable alert fatigue, and it is easy to understand how targeted deception can translate into operating efficiencies for your security and incident response teams.

"Always mystify, mislead, and surprise the enemy..."

Lieutenant General 'Stonewall' Jackson
1862

Simple, Powerful and Customizable

The CyDec Platform provides powerful, yet easy-to-use, deception capabilities packaged in a customizable platform to meet your specific requirements. The web-based interface can be deployed locally or in the cloud and the agents can be installed through any existing desktop management solution. And once configured, CyDec just goes. It doesn't require constant tweaking or voluminous log analysis.

Also, unlike other commercial deception solutions, CyDec does not need racks of servers to be installed in your environment to re-create complex networks in order to provide top-notch deception. Instead, CyDec takes the approach that simple is best. By precisely targeting areas within the existing network that attackers are likely to act against, CyDec is able to provide superior detection against even the most advanced adversary all without unnecessary complexity.

CyDec uses an active and passive approach for adversary detection. On the active side, CyDec will present deceptions based on advanced heuristics and alert if the bait was taken. On the passive side, CyDec constantly monitors the activity of well-placed lures on the network and endpoints. Through this approach, CyDec can easily identify intrusions in any phase of the attack cycle without any prior knowledge of specific TTPs.

"In his movements the general should ... feint in one direction to try to deceive his adversary."

The Emperor Maurice
The Strategikon, c. 600 AD

Try CyDec Platform

While the full CyDec Platform is an enterprise tool, we do offer a couple of capabilities so that you can try a little cyber deception yourself. Available for free download is a Nmap OS spoofing capability as well as CyDec Anti-Fp, our anti-fingerprinting browser extensions and associated Windows application.

Browser Spoofing
CyDec Anti-Fp

Nmap OS Spoofer
v1.2020.181.210 (x64)

Contact

Want more info? Want a demo? Just curious about deception? Get in touch and let us know.
info@heidef.com
1101 Wilson Blvd
6th Floor
Arlington, VA 22209
(703) 783-CYBR