Since the dawn of time, deception has been used in nature in various forms as a successful survival strategy and has played an important role in the physical and behavioral adaptations of all organisms. Humankind, with its higher cognitive ability, has successfully adapted deception to warfare, as a powerful mechanism to draw an enemy into weak position and to defeat or completely rout. Sun Tzu’s famous aphorism “All warfare is Deception” sums it up succinctly! In the Computer Security industry, Cliff Stoll’s uncanny use of Deception depicted in his book, Cuckoo’s Egg, would put most spy thrillers to shame. Stoll’s success led to a number of Open Source Deception projects – Honeyd, Honeynet, Kippo, Dionaea, and industry specific honeypots – Gaspot, Conpot, etc. All these projects proved the efficacy of Deception technologies through low false positives detection signals. This led to a number of startups offering commercial solutions, typically focused at a certain niche aspect of Deception – Low Interaction Honeypots, High Interaction Honeypots, Breadcrumbs, etc. Despite some innovative approaches, these Deception 1.0 solutions did not address the key aspects of what a modern distributed enterprise needed; namely, to deploy deception at scale, deploy it automatically, deploy it cost-effectively, deploy it from the cloud or on-prem, and deploy it to on-prem or cloud workloads. At Acalvio, we have addressed these fundamental issues in our Deception 2.0 solution, ShadowPlex. In our travels, we heard from Cybersecurity professionals that they would benefit from a simple and succinct explanation of the key aspects of advanced deception techniques using a simple, non-technical jargon approach. This was the primary motivation behind this book.
The book has 6 very easy to read chapters, the last chapter providing you 10 key recommendations for a successful deception deployment.
- The Truth about Deception in Cyber Security
- Deception 1.0: The Inception of Deception
- Deception 2.0: The Next Generation of Deception
- Creating a Deception Strategy
- Deploying a Deception Architecture
- Ten Keys to Effective Deception for Cyber Protection
Currently there exists a fundamental asymmetry in the security industry – we have to be right all the time; the threat actor has to be right only once. Deception turns this asymmetry on its head to benefit the good guys; with Deception, the bad guy has to be wrong once and we have him nailed. Deception 2.0 solutions allow you to leverage the power and potential of Deception technologies to delay, deflect and ensnare the threat actor; in a high fidelity, timely and cost-effective fashion.
Gartner Group has rated Deception as one of the Top 10 security categories that professionals should focus on. We believe that the techniques outlined in this book will serve as a simple and practical guide that you can use to educate the rest of your stakeholders and bring them along in your Cyberdefense journey.
You can get your complimentary copy of the book here. Download Deception 2.0 for Dummies PDF
We are confident you will be intrigued by what deception can do to improve your security posture and program.
Authors
