Go To Home

Lenny Zeltser on Protean Security Tactics

by Smokescreen Team

Lenny Zeltser

We’re big fans of the SANS team, and specifically of Lenny Zeltser. It’s gratifying then, to see him discussing deception and active defence in his recent  series  of blog posts, and we highly recommend reading his history of deception in computer security.

Lenny Zeltser is right about deception and active defence on all account. Here, we’d like to extend a couple of his main arguments:

  1. Thinking asymmetrically
    Cyber-security has always been a form of asymmetric warfare. The defenders have expensive, monolithic defences, are slow to adapt, and are hampered by ‘terrain’ such as geographical boundaries. The attacker are quick to change tactics, rely heavily on deception, and make use of terrain. This is guerilla warfare, and only an asymmetrical defence will yield results.
  2. Support costs of honeypots
    Honeypots in the traditional sense are expensive to deploy and difficult to maintain. They also increase attack surface for an attacker. However, virtual decoys solve all these problems. They are easy to deploy, administer and monitor, and they do not create vulnerabilities.

When you integrate decoys and active defence into the fabric of the environment, you asymmetrically turn the tables on even the most advanced attackers. They are human after all.


Continue Reading

  • You Need Deception Technology. And It’s Not Why You Think

    Deception technology is a different way of thinking about cybersecurity. Without it, attackers have the advantage. You can take that advantage back.
    By Kevin Fiscus
  • The curious case of “How many decoys do I need?”

    Decoys can be deployed everywhere in your network – current-gen deception technology makes that possible. There are however no free lunches and pervasive deception might come with a cost. So the question is, should you?
    By Sudarshan Pisupati
  • Open Source Honeypots That Detect Threats For Free

    If you’re a target for either financially motivated cyber-criminals, or nation-state grade attackers, chances are your security team feels outgunned. Deception technology excels at detecting these attacks by shifting the cognitive, economic and time costs of the attack back onto the attacker.
    By Smokescreen Team
  • Have you tried out IllusionBLACK yet?
    • Detect zero-days, APTs, and insider threats
    • 10x the detection capabilities with 1/2 the team
    • Get started in minutes, fully functional in hours
    Schedule a demo
    Go to home

    Simple solutions for detecting and containing threats. Working with us does not break the bank or your spirit. We’re the company of choice for offensive security teams with a Net Promoter Score of 70+.

    © 2020 Smokescreen. All rights reserved.

    Solutions For
    Web Application AttacksLateral MovementRansomware AttacksTargeted ThreatsSocial EngineeringMalware-less Attacks