Not Your Father’s Honeypot

By Pauline List - Product Marketing, Metallic
November 7, 2022

As cyber threats continue to evolve and become more elaborate, companies of all sizes are being challenged to protect their critical business data. And as ransomware grows in sophistication, the need for security controls to keep pace with these threats becomes more inherently important. The priority for most businesses is to fortify their perimeter defenses to prevent intrusions altogether. However, in the current landscape, a multi-layered approach is needed for comprehensively protecting data – one that doesn’t just focus on preventing breaches, but also responding in worst case scenarios.

The Need for Deception Technology

No company boundary is impenetrable. That’s why to achieve the strongest security posture to protect data against ransomware attacks, organizations need multi-faceted tools that work across multiple phases in the attack chain – including in the event of a successful breach. Although commonly underutilized, modern deception technology can play a critical role in early detection of silent and zero-day threats that successfully bypass conventional security tools. Modern cyber deception is defined as active defense technology and provides businesses with a powerful one-two-punch; first slowing attacks down by diverting bad actors in your network toward fake assets and, second, simultaneously providing high-fidelity alerts into attacks in progress for faster remediation.

More Than Honeypots

For many, the first thing that comes to mind when they hear ‘deception’ is the conventional application of Honeypots. Honeypots are a longstanding form of deception that is traditionally used for intelligence purposes. Honeypots are decoy systems used to lure hackers into attacking a fictitious system that appears real, helping businesses learn from bad actors and their tactics. Although valuable, traditional Honeypots are tedious to set up and scale.  They are typically complex in nature, take time to deploy, and consume IT resources to spin up (licenses, compute, etc.).  Furthermore, they are limited in their reach and can only emulate known and commonly used systems (for instance a Server) – making it easier for attackers to spot. To combat advanced and zero-day threats, modern deception tools move beyond Honeypot technology to safeguard data sooner by actively deceiving, engaging, and alerting the business into attacks, not just learning from them.

Next generation deception with Metallic® ThreatWise™

Metallic® ThreatWise™ changes the game in data protection through specialized, next generation deception. Using patented technology, ThreatWise™  baits and exposes bad actors to neutralize silent attacks and flag bad actors during recon, discovery, and lateral movement. Unlike honeypots, ThreatWise™ is lightweight, rapidly configurable, and designed to engage threats. By deploying decoys in bulk, ThreatWise™ quickly blankets surface areas and networks with deceptive assets that look like and behave like real resources. Think of these false assets as trip wires that, when touched by a bad actor, signals immediate alerts to the business.  ThreatWise(TM) decoys are also highly versatile and authentic and can mimic a wide variety of resources including workstations, databases, network assets, IoT devices, or nearly any other highly specialized resources that’s unique to your business or industry. This unrivaled realism tricks hackers into compromising and interacting with false resources, while unknowingly exposing their presence helping business kick start remediation efforts before attacks reach their targets. Unlike Honeypots, ThreatWise™ enables you to lure cyber threats down a rabbit hole, away from invaluable data and assets