Logo of Acalvio, a leading company in cyber deception technology

Modern adversaries are gaining in speed, with adversary breakout time down to an average of 62 minutes in 2024 compared to an average of 84 minutes in 2023. This poses a significant challenge for cyber defense.

Adversary breakout time is falling rapidly

Adversary gains initial access to an endpoint

Performs offensive actions (reconnaissance, credential access, privilege escalation, defense evasion followed by lateral movement)

Pivots toward a critical system

Early

Adversaries propagate rapidly toward critical systems or sensitive data

Implications for cyber defense

Prevention based defenses are not sufficient

Adversary will always get to machine zero (initial beachhead)

Breach occurs when adversary compromises critical assets or sensitive data. Stopping breaches is contingent on detecting threats before adversary breakout.

Traditional security solutions are unable to keep pace

Modern adversaries leveraging existing utilities, credentials to make it harder to detect using traditional techniques

Traditional detection mechanisms based on observing and analysis

Requires a certain level of signal to emerge before classifying actions as malicious

Results in a longer detection window

Alert

Deception provides early threat detection

MITRE

Deploy deception at scale

Adversaries have two primary methods for propagation

  • Credentials
  • Vulnerability exploits

By setting relevant traps, defense can detect adversary actions

Deceptions are not used in existing IT workflows

Any usage of the deception is indicative of malicious action

Provides instant threat detection

Set traps to detect threats early in attack lifecycle (MITRE tactics)

Key criteria to achieve the goal

Deception should be deployed across the enterprise

  • Adversary can gain initial access on any endpoint
  • Deploying deception at scale is essential to detect threats early

Deception needs to be comprehensive

  • Set relevant traps for adversary
  • Credentials, opportunities for lateral movement

Deception needs to be realistic, fresh and dynamic

  • Believable for the adversary
Acalvio

Accelerate your detection to stop breaches

Join forces with Acalvio to fortify your defenses and safeguard your digital future. Reach out today to learn more about our industry leading deception platform and its role in early and precise threat detection to stop breaches

Loading...