"All war is based on deception."
Sun Tzu
The Art of War
The Cyber Deception (CyDec) Platform
A toolkit of highly configurable and easily manageable cyber deception capabilities designed to draw adversaries away from your valuable data and identify enemy movement within your environment. Deceive on the network and on the endpoint. Bait the adversary with tempting targets. Confuse the enemy so they make mistakes. All war is based on deception and cyber war is no exception.
Honey Creds
Make the adversary think they found valuable credentials and get alerted to any attempted use.
Honey Files
Seed endpoints with deceptively named phantom files that can trigger alerts on contact.
Honey Pots
Deploy high-fidelity honey pots on the network to entice and confuse an attacker.
Spoofing
Make your systems appear as something else to an attacker fingerprinting your network.
Folder Deceptions
Deceive what an adversary sees inside a folder or just hide it completely.
Alerting and Response
Whether a passive sensor has been tripped or an active attack has been detected, CyDec provides you the information and tools to respond.
"Though fraud in other activities be detestable, in the management of war it is laudable and glorious..."
Niccolo Machiavelli
Discourses, 1517
Confuse The Adversary
The deception capabilities available with The CyDec Platform are both passive and active. The passive capabilities lie in wait until acted upon while the active capabilities dynamically project false information designed to confuse and deceive.
The actual Windows 10 system shown in the top Nmap OS scan without CyDec running and then performing the same scan again with CyDec Nmap OS spoofing enabled. This time it shows up as a Nintendo 3DS.
CyDec's anti-fingerprinting technology can deceive a variety of tools to include:
- Nmap
- GFI LanGuard
- Nessus
- p0f
- Xprobe2
CyDec spoofing and honey pots support a range of protocols including:
CyDec provides the ability to bait attackers on the endpoint into using bogus resources or to trick them to think the system contains nothing of value.
- Honey credentials
- Honey files
- Folder deceptions
"Always mystify, mislead, and surprise the enemy..."
Lieutenant General 'Stonewall' Jackson
1862
Powerful and Customizable Alerting
CyDec doesn't stop at just tricking an attacker. It also provides powerful alerting and remediation mechanisms designed to stop an attack.
CyDec can identify techniques used by attackers for reconnaissance and lateral movement.
- Port scans
- OS fingerprinting
- Suspicious SMB activity
CyDec can also be configured to respond to threats automatically.
- Generate human or machine-readable alerts
- Isolate system at the endpoint or the perimeter
"In his movements the general should ... feint in one direction to try to deceive his adversary."
The Emperor Maurice
The Strategikon, c. 600 AD
Why Deception?
When properly applied, cyber deceptions are formidable tools that can be used to identify attacks, highlight adversary movement and protect your valuable information. Deceptions create uncertainity for an attacker which will lead to costly mistakes and more resources expended.
Heilig Defense's Cyber Deception Platform provides powerful, yet easy-to-use, deception capabilities packaged in a customizable platform to meet your specific requirements.
Contact Us
Headquarters:1100 Wilson Blvd | 10th Floor
Arlington, VA
Phone:
(703) 682-6901
Email:
info@heidef.com
Try CyDec Platform
You can try a little cyber deception yourself. Available for free download is the Nmap OS spoofing capability as shown in the video above as well as anti-fingerprinting browser extensions. These are just a small piece of the full platform designed to demonstate the power of deception and the CyDec Platform.
CyDec Nmap OS Spoofer (Windows x86)
CyDec Nmap OS Spoofer (Windows x64)
Browser Extensions
Chrome Extension
Firefox Extension