Lure Attackers to Reveal Their Presence with Advanced Deception Technology. That's right part of the ThreatFortress system sets traps for cybercriminals to further protect your system against attack.
Advanced attackers study their target environment carefully, as well as the protection measures in place and learn their weaknesses until finding a way to evade detection. No protection is 100% proof and combination of persistency, skill and determination can eventually outrun the best detection.
Cynet Deception technology plants various types of decoys across the environment to tempt attackers to get out of their hidings and reach out for what seems to be a valuable hunt and by doing that reveal their presence and former activities. With Cynet Deception technology there are zero false positives – only live malicious presence can trigger a deception alert.
DECEIVE ATTACKERS WITH VARIOUS HONEYPOTS: DECOY FILES, PASSWORDS AND NETWORK CONNECTIONS
Cynet deception security supports various types of decoys, to detect threats in various stages of the attack’s lifecycle: data files, credentials and network connections. In each type, the consumption action triggers the alert – login attempt with a decoy password, connection attempt with RDP or URL and opening a data file.
Cynet cyber deception provides both off-the-shelf decoy files as well as the ability to craft your own, while taking into account your environment’s security needs.
DETECT ATTACKS AT THE CREDENTIAL THEFT STAGE: DECOY PASSWORDS
Passwords are extremely valuable to attackers attempting to expand their foothold within a compromised environment. Cynet crafts and plants text files containing false passwords along attackers’ potential routes. Any attempt to log in with these passwords triggers an alert.
DETECT ATTACKS AT THE LATERAL MOVEMENT STAGE: DECOY CONNECTIONS
When seeking to expand compromise across the environment to access organizational resources, internal network shares and RDP connections are extremely attractive. Cynet’s decoy connections enable the reliable detection of attackers during the hard –to-detect lateral movement stage.
DETECT ATTACKS AT THE DATA ACCESS AND EXFILTRATION STAGE: DECOY DATA FILES
The attacker’s top object is to get hold of sensitive data – IP, PII, business plans, etc. Cynet crafts and plants decoy data files and links – similar to what attackers would seek in the target organization – and plants them across endpoints and servers in the environment.
DECOY DATA FILE BEACONING
When an attacker opens a decoy data file at its premise, an alert is triggered and the file sends Cynet the malicious IP address at which it resides.
Dr. Drew Bjerken
CISO, CPO Catalina
“ThreatFortress' CyOps security team is a major plus. They’re online 24/7 assisting with threat hunting, alerting, and helping with incident response - without any additional cost.”
“ThreatFortress' Cynet dramatically consolidated and simplified our security.”
Former CISO, ICL Group
“One of the biggest values of ThreatFortress is their CyOps team of security experts they are available around the clock, whenever we need them. They enhance and complement our existing security capabilities and as a CISO, this gives me peace of mind.”
Platform Demo (7 Minutes)
XDR Prevention and Detection
Helping to protect your business with real-time threat prevention and detection services for your Users, Hosts, Networks and Files. XDR Prevention and detection of a myriad of attack vectors, utilizing the capabilities of the following security technologies:
Complete coverage of all attack vectors that involve endpoint, user and network.
Cynet Prevention & Detection leverages Cynet Sensor Fusion to provide the integrated capabilities of Next-Generation Antivirus, Endpoint Detection and Response, Network Analytics, Deception and User Behavioral Analytics. Cynet also moves beyond the incremental value of these capabilities, by unveiling advanced threats that can be detected only by concurrent analysis of endpoint, user and network activities.
Next Generation Anti-Virus
Block execution of malware, exploits, fileless, Macros and ransomware.
Endpoint Detection and Response
Detect advanced attacks by continuous monitoring of endpoint file and process activities.
Monitor network traffic to unveil reconnaissance, credential theft, lateral movement and data exfiltration attempts.
User Behavior Analysis
Profile the behavior of all user accounts to pinpoint anomalies that indicate an attempted compromise.
Plant various types of decoy files across your environment to lure attackers into revealing their presence. Learn More
Providing fully automated or manual response actions to threats. Manual and automated remediations of infected hosts, malicious files, compromised user accounts and attacker-controlled traffic.
Full automation of response workflows across the entire environment.
Cynet Response Orchestration includes a full set of remediation actions to address infected hosts, malicious files, attacker-controlled network traffic and compromised user accounts. Remediation can be performed either directly on the endpoint or by involving infrastructure components such as firewall, AD, etc. Cynet supports response automation by gathering several remediation actions into playbooks that are activated upon occurrence of respective alerts.
Remove malicious presence and activity with pre-built actions for hosts, files, users and network.
Build your own response workflows by chaining various remediations together and adding scripts to communicate with core components such as firewalls and AD.
Automate incident response workflows by using Cynet’s playbooks to resolve security events without the need for human intervention.
24/7 MDR SOC Services
Providing you with 24/7 monitoring of all of your endpoints by real humans and SOC Anlysts. CyOps is Cynet’s 24/7 SOC team of threat researchers and security analysts that complement Cynet 360 technology with unmatched security expertise, available to Cynet’s customers at no additional charge. CyOps assist Cynet customers with in-depth investigation, proactive threat hunting, malware analysis and attack reports, ensuring that every security event is handled and resolved.
Proactive Threat Hunting
Continuous search through our customers’ environment to detect and address live attacks.
Engage CyOps upon any suspicious activity you see in your environment, to detect, respond and remediate.
Attack Investigation and Reporting
Get reports on attacks that CyOps detects across our customers’ install-base, including IOC and mitigation practices.
Submit any suspicious file to an expert analysis for information regarding its nature and potential risks.