Deception technology
(also threat deception technology)
Deception technology definition
Deception technology is a category of cybersecurity that uses defense mechanisms to alert companies and individuals of unauthorized access or potential cyberattacks early on. Additionally, deception technology can detect, scan, and protect against zero-day and advanced attacks.
Deception technology products are automated and can spot malicious activities within internal networks that other cyberdefense types can’t. They’re also proactive, which means that instead of waiting for an attack to happen to act, detection technology products are used to seek out and deceive the attacker.
More specifically, detection technology places a set of traps and decoys across a system’s infrastructure to deceive attackers into thinking they are genuine assets, like applications or data. Then, if an attacker triggers a decoy, thinking they’ve gained access to the company’s digital assets, the server logs and monitors the attacker’s activity.
By studying the attacker’s behavior and how they interact with the decoy, IT analysts can help improve the overall system’s security and prevent similar attacks from happening by eliminating the vulnerabilities the attacker exploited.
See also: zero day, lateral movement
Deception technology benefits
- Reduces the time attackers spend on the network.
- Stops attacks from spreading early on.
- Little to no damage is done to the organization’s actual assets.
- Detects multiple types of cyberattacks, including account hijacking, credential theft, IoT attacks, lateral movement attacks, and spear phishing.
- Decreases the number of false positives.