Risk

1/31/2018
05:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Fidelis Cybersecurity Launches Intelligent Deception Technology to Lure, Detect, and Defend Against Advanced Attackers

Bethesda, Md. — Jan. 25, 2018: Fidelis Cybersecurity (Fidelis), a leading automation detection and response company, today announced the Fidelis Deception Module as a part of Fidelis’ Elevate platform, to truly transform security operations.

As part of recently acquired TopSpin, the Deception Module will extend visibility and detection deep into the network to protect critical data, addressing growing market demand and technology advancements to combat modern day attackers. Fidelis Deception helps security operations learn new attacker techniques and defend critical data assets.

Given the increasing number and sophistication of today’s breaches, it’s no surprise that Deception is gaining widespread attention and becoming a critical part of organizations’ security infrastructure. The need for better detection and response is creating new opportunities for security stack automation, integration, consolidation and orchestration, while also driving the emergence of new segments like deception.

“Deception and automated detection and response (ADR) are the perfect match for our customers,” says Doron Kolton, Chief Strategy Officer of Emerging Technologies at Fidelis Cybersecurity. “The Fidelis Elevate Platform paired with intelligent deception technology ensures organizations stay one step ahead of cybercriminals and detect anomalies, malicious activity and insider threats before they attack.”

The Deception Module improves and becomes deterministic with breadcrumbs leading to decoys to lure attackers and automated malware known to scan hundreds of applications. Instead of searching in vain for the bad actor within an ocean of good data, deception delivers actionable alerts and events from decoys. Fidelis Deception goes a step further and creates evidence of credentials and connections from breadcrumbs throughout the network which are irresistible to attackers. This data both leads attackers toward the persuasive decoy network while simultaneously creating validated threat intelligence that includes devices, data, and behavior all designed to turn the tables on the attackers. They pursue the lures so you can detect, learn, and defend.

By taking an automated approach to deception deployment and maintenance, organizations alter the playing field for attackers. Instead of searching in vain for the bad actor within an ocean of good data, deception delivers validated alerts and events from decoys, MITM (Man in the Middle) traps, Active Directory breadcrumbs and traffic analysis. These equip security operations teams to work with exceptional effectiveness and efficiency and to move from alerts to conclusions.

For more information:

 

About Fidelis Cybersecurity

Fidelis is the industry’s only completely integrated, automated network and endpoint detection and response platform. Fidelis is engineered for visibility, designed for response and trusted by the most important brands in the world. See what you’ve been missing. Visit www.fidelissecurity.com.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
Making the Case for a Cybersecurity Moon Shot
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  2/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8980
PUBLISHED: 2019-02-21
A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.
CVE-2019-8979
PUBLISHED: 2019-02-21
Koseven through 3.3.9, and Kohana through 3.3.6, has SQL Injection when the order_by() parameter can be controlled.
CVE-2013-7469
PUBLISHED: 2019-02-21
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.
CVE-2018-20146
PUBLISHED: 2019-02-21
An issue was discovered in Liquidware ProfileUnity before 6.8.0 with Liquidware FlexApp before 6.8.0. A local user could obtain administrator rights, as demonstrated by use of PowerShell.
CVE-2019-5727
PUBLISHED: 2019-02-21
Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.