Use CounterCraft’s automated Cyber Deception technology to detect attacks early - even pre-breach; collect real-time threat intelligence specific to your organization; and proactively protect your organization by adapting your defenses to stop attacks.
We use social engineering techniques against the attackers. Technical discovery information will be placed where it can be found by a threat actor searching for your organization’s external infrastructure.
The deception buffer zone infrastructure will be hosted on cloud infrastructure. In the deception buffer zone, external services will provide the attackers with a credible target.
When an attacker interacts with the deception buffer zone, an alert is immediately sent from our console and threat intelligence collection starts.
The deliverables are actionable threat intelligence data with enrichments in the form of TTPs (MITRE ATT&CK) and IoCs including IP addresses, and credentials used by threat actors. The threat intel data can be sent to external security tools such as MISP, a SIEM or SOAR platforms.
The goal of the Pre-breach Intelligence Service is to deflect attacks away from the external infrastructure of the organization by deploying a deception buffer zone. The service will deliver real time intelligence that will be used to harden your infrastructure.
Deploy: deploy the assets associated with the service. This includes the creation of the attack vector discovery assets (breadcrumbs), any associated IT assets, and full configuration and deployment of the campaign.
Discover: the threat actors follow a prepared breadcrumb trail to discover and attack external facing services, hosted on your behalf.
Detect: detect when the threat actors are conducting reconnaissance on the deception buffer zone and you will be alerted immediately.
Collect Intel: the platform continues to collect intel in real-time on how the threat actors discovered your infrastructure, and what techniques, tools and procedures they are using to attack. You will be able to access all this information through an easy-to-understand dashboard.
Proactively Protect: make it actionable. Integrate the intelligence gathered with your security infrastructure: e.g. SIEM, SOAR, and TIPs.
To understand and stop threats more effectively and efficiently, your existing security infrastructure and people need to work smarter, not harder. ThreatQ is an open and...
Rapid7 is a leading cyber security solutions provider, on a mission to make successful security tools and practices accessible to all. Rapid7 Insight Platform technology,...
Netwrix Auditor is a visibility and governance platform that enables control over changes,
configurations and access in hybrid cloud IT environments to protect data...
The affordable, intelligent, easy to implement, maintain and manage SIEM solution of LogPoint Extracts events and incidents from the billions of logs in any infrastructure of...
Secure and achieve visibility over SaaS apps like Office 365 and G Suite, internal apps like Exchange and SharePoint, and IaaS providers like AWS and Azure. Protect cloud...
Synack helps clients efficiently find and fix vulnerabilities before criminals can exploit them and inflict critical damage. Synack finds, assesses, and ranks these critical...
Blueliv is a leading provider of targeted cyber threat information and analysis intelligence. Blueliv aggregates and correlates a comprehensive range of cyber threats to turn...
Full spectrum cyber deception and ground breaking threat hunting and counterintelligence to detect, investigate and control targeted attacks. The solution combines powerful...
ZecOps is a cybersecurity automation company that takes a realistic approach to cybersecurity by leveraging crash analysis to automate Advanced Persistent Threats (APTs)...
Sourcefire, Niksun, Netwrix, Redsocks, Rapid 7, Unomaly, Logpoint, Isight Partners