Active Defense Through Deceptive Configuration Techniques

"Security architecture, based on deception strategies can effectively change the starting point of the legitimate network, providing additional time to prepare adequate defenses. Through configurable logical networking, a virtual network can be designed to monitor, capture, and lure malicious activity deeper into a virtual labyrinth, away from the real network. By incorporating the use of dynamic threat lists, offered by specific security tools, signatures can be created to strengthen the defenses of the internal network before the malicious actions reach the boundary. Using honeynet architecture, the virtual labyrinth can be dynamically and continually created providing protection from attackers. Through real-time knowledge gathering of the attacker’s exploitation techniques, the Labyrinth provides defenders with time to prepare effective countermeasures. In this paper, the demonstration on how the use of honeynet architecture can allow defense teams to strengthen their perimeter, by using customized dynamic threat lists created from a completely configured and monitored environment."

Spotlight

iSEC Partners

iSEC Partners is a proven full-service security consulting firm that provides penetration testing, secure systems development, security education and software design verification services. iSEC Partners' security assessments leverage our extensive knowledge of current security vulnerabilities, penetration techniques and software development best practices to enable customers to secure their applications against ever-present threats on the Internet. Primary emphasis is placed upon helping software developers build safe, reliable code.

OTHER WHITEPAPERS
news image

The Importance of Cybersecurity Threat Detection for Utilities

whitePaper | November 25, 2019

Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive approach to ensuring cyber protection is essential and should include cybersecurity threat detection as a standard element. But not all such cybersecurity solutions are created equal.

Read More
news image

AWS Best Practices for DDoS Resiliency

whitePaper | December 5, 2019

You work to protect your business from the impact of Distributed Denial of Service (DDoS) attacks, as well as other cyberattacks. You want to keep your customers’ trust in your service by maintaining the availability and responsiveness of your application. And you want to avoid unnecessary direct costs when your infrastructure must scale in response to an attack.

Read More
news image

Understanding Ransomware and Strategies to Defeat it

whitePaper | March 5, 2020

Held Hostage in Hollywood: In February 2016 the Hollywood Presbyterian Medical Center, in Los Angeles, paid a ransom of about US$17,000 to hackers who infiltrated and disabled its computer network with ransomware. The hospital paid the ransom of 40 Bitcoins (currently worth about $16,664) after a “network infiltration” began on February 5, when employees reported being unable to access the hospital’s network and electronic medical records system. “The malware locked access to certain computer systems and prevented us from sharing communications electronically,” said hospital CEO Allen Stefanek.

Read More
news image

Threat Connect Cyber Survey Report

whitePaper | January 4, 2022

Whether you are in financial services, farming, or public infrastructure, the security threat to organizations has never been greater. Today, almost every company is a technology company in some shape or form and this can be a soft underbelly - open to attack. Cyber risk is the fastest-growing risk faced by businesses globally. A wide range of statistics and sources make it clear that attackers have become even more proficient over recent years, using automation to exploit vulnerabilities at an accelerated pace and frequency. Threats are even more widespread and complex than before.

Read More
news image

INDUSTRIAL CYBER RISK MANAGEMENT

whitePaper | May 21, 2021

Critical infrastructure owners and operators have managed industrial risk for hundreds of years. This risk is usually measured in impact to health, safety, and reliability. As these industrial systems become increasingly digitized, so does the risk. What were once seen as isolated, manual processes have become reliant on communication networks and digital devices.

Read More
news image

Scenarios for the Future of Cybercrime - White Paper for Decision Makers

whitePaper | January 28, 2020

Project 2020 is an initiative of the International Cyber Security Protection Alliance (ICSPA). Its aim is to anticipate the future of cybercrime, enabling governments, businesses and citizens to prepare themselves for the challenges and opportunities of the coming decade. It comprises a range of activities, including common threat reporting, scenario exercises, policy guidance and capacity building.

Read More

Spotlight

iSEC Partners

iSEC Partners is a proven full-service security consulting firm that provides penetration testing, secure systems development, security education and software design verification services. iSEC Partners' security assessments leverage our extensive knowledge of current security vulnerabilities, penetration techniques and software development best practices to enable customers to secure their applications against ever-present threats on the Internet. Primary emphasis is placed upon helping software developers build safe, reliable code.

Events