How to Thwart Attackers with Deception
Tuesday, October 30, 2018– 10:00am-3:00pm at Columbia Tower Club
Deception is an effective tool to detect adversaries that have already bypassed traditional detection schemes. These attackers will continue to maneuver in the network undetected unless we put something in the way to entice them into making a mistake.
To that end, deception arms organizations that already have a robust security program with a safety net to catch attackers who have already made it inside (or are working their way in).
Deception differs from traditional detection in that every alert is actionable (unlike most alarms in the SIEM). It also differs from threat hunting, largely for the same reason. When properly deployed, deception techniques offer defenders 100% actionable alerts by offering attackers opportunities too good to pass up.
Technologies covered in this symposium include:
- DNS Honeypot entries
- SMB Honeypots
- Database Honeypots
- Honey accounts - phishing responses
- Honey domain accounts
- Honey tokens
By the time you leave this symposium, you’ll be armed with newfound knowledge to take back to your organization and implement. From there, you can take the fight to the bad guys.
This symposium is designed with CISOs, security architects and SecOps leaders in mind, but security practitioners and risk managers of all types are welcome.
This event is for IANS clients and invited guests — there is no vendor sponsorship or presence.