Developing private, actionable threat intelligence with deception technology

The premise of threat intelligence is simple — Feed information on evil stuff to your security infrastructure and proactively proactively protect yourself. Who wouldn’t want to do this?

 

 

How can you make threat intelligence work for you?

Predicting and preempting an attack before it begins is a defensive capability all organisations aspire to. Threat intelligence makes this possible, unfortunately, there are varying levels of how ‘intelligent’ different approaches are.

 

Threat intelligence is a hot cybersecurity buzzword — many solutions purport to offer actionable intel to block attacks before they cause damage, but do they really deliver?

 

Most intelligence is some version of ’block these IPs / malware hashes / C&C domains because they did something nasty to someone, somewhere, at some point in time’. This is neither relevant, nor actionable, but it feels like something proactive has been accomplished. Unfortunately sophisticated attackers rarely if ever re-use their source IP addresses, command and control channels and malicious software.

 

A far better approach is for organisations to build their own private threat intelligence — information on threat actors that is relevant to you specifically. The number of indicators may be far less, but they are much higher quality, and it is far more likely that they will be used in an actual attack. However, developing this capability was extremely difficult. Until now with private threat intelligence generated by Smokescreen’s deception technology.

How deception technology gives private threat intelligence

IllusionBLACK threat intel decoys activate only when attackers specifically seek you out. They reveal who’s mapping your infrastructure, collecting OSINT, and preparing to attack. Features of our private threat intelligence decoys include:

 

  • Detect stolen credentials
  • Uncover stealthy probes that other systems miss
  • Export intelligence to enforcement systems
  • Deflect the attack at the start of the kill chain

 

See how IllusionBLACK gives predictive threat intelligence capabilities

Your Name (required)

Your Email (required)

Interested In


Want more information on IllusionBLACK’s advanced features?