Risk

1/31/2018
05:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Fidelis Cybersecurity Launches Intelligent Deception Technology to Lure, Detect, and Defend Against Advanced Attackers

Bethesda, Md. — Jan. 25, 2018: Fidelis Cybersecurity (Fidelis), a leading automation detection and response company, today announced the Fidelis Deception Module as a part of Fidelis’ Elevate platform, to truly transform security operations.

As part of recently acquired TopSpin, the Deception Module will extend visibility and detection deep into the network to protect critical data, addressing growing market demand and technology advancements to combat modern day attackers. Fidelis Deception helps security operations learn new attacker techniques and defend critical data assets.

Given the increasing number and sophistication of today’s breaches, it’s no surprise that Deception is gaining widespread attention and becoming a critical part of organizations’ security infrastructure. The need for better detection and response is creating new opportunities for security stack automation, integration, consolidation and orchestration, while also driving the emergence of new segments like deception.

“Deception and automated detection and response (ADR) are the perfect match for our customers,” says Doron Kolton, Chief Strategy Officer of Emerging Technologies at Fidelis Cybersecurity. “The Fidelis Elevate Platform paired with intelligent deception technology ensures organizations stay one step ahead of cybercriminals and detect anomalies, malicious activity and insider threats before they attack.”

The Deception Module improves and becomes deterministic with breadcrumbs leading to decoys to lure attackers and automated malware known to scan hundreds of applications. Instead of searching in vain for the bad actor within an ocean of good data, deception delivers actionable alerts and events from decoys. Fidelis Deception goes a step further and creates evidence of credentials and connections from breadcrumbs throughout the network which are irresistible to attackers. This data both leads attackers toward the persuasive decoy network while simultaneously creating validated threat intelligence that includes devices, data, and behavior all designed to turn the tables on the attackers. They pursue the lures so you can detect, learn, and defend.

By taking an automated approach to deception deployment and maintenance, organizations alter the playing field for attackers. Instead of searching in vain for the bad actor within an ocean of good data, deception delivers validated alerts and events from decoys, MITM (Man in the Middle) traps, Active Directory breadcrumbs and traffic analysis. These equip security operations teams to work with exceptional effectiveness and efficiency and to move from alerts to conclusions.

For more information:

 

About Fidelis Cybersecurity

Fidelis is the industry’s only completely integrated, automated network and endpoint detection and response platform. Fidelis is engineered for visibility, designed for response and trusted by the most important brands in the world. See what you’ve been missing. Visit www.fidelissecurity.com.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11311
PUBLISHED: 2018-05-20
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
CVE-2018-11319
PUBLISHED: 2018-05-20
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to ...
CVE-2018-11242
PUBLISHED: 2018-05-20
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
CVE-2018-11315
PUBLISHED: 2018-05-20
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a ho...
CVE-2018-11239
PUBLISHED: 2018-05-19
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in ...