Modern Cyber Deception: Introducing Metallic® ThreatWise™

By Steve Preston - VP Metallic Security
September 21, 2022

No customer boundary is impenetrable. It’s not a matter of if an attacker gets in, but when.

With intelligent cyber deception, businesses can effectively identify, slow, and contain attackers early – before they reach their targets or compromise data.  But not all cyber deception is created equal.  Here’s how Metallic® ThreatWise stands apart.


Data is the crown jewel of your business. Protecting that data starts before it’s compromised.​

With ThreatWise, Metallic redefines data protection and moves into uncharted territory as the only data management platform to offer fully-integrated deception technology, alongside award-winning backup and recovery. Now, businesses of all sizes get robust early warning capabilities to spot and intercept threats before they reach your crown jewels – alongside proven recoverability for worst-case scenarios.  It offers a unique multi-layered approach to data protection combining advanced indicators to contain threats before leakage, encryption, or exfiltration, with fast, granular restoration for stronger business continuity.  

Threat Sensors.

Legacy deception solutions employ antiquated approaches, where customers typically face trade-offs.

Some opt for honeypot-based technologies which are focused on helping businesses learn from bad actors and their tactics. While valuable, these solutions are complex, take time to deploy, consume IT resources (licenses, compute, etc.), and are difficult to scale. Others have leveraged lure or token-based solutions, which are simple and scalable, but not robust and deliver a low-level of interaction from bad actors.  With ThreatWise, Metallic applies a unique approach to deception that takes the best of both worlds; one that interacts with, deceives, and surfaces bad actor attempts in sophisticated ways, without the restrictions, burden, or resource constraints of traditional deception solutions.

Instead of cumbersome honeypots, ThreatWise leverages patented threat sensor technology – which can mimic any customer asset, at scale (ie- VMs, databases, containers, and more).  Hundreds, or thousands, of lightweight sensors can be rapidly deployed across entire environments in just seconds, covering the attack surface with indistinguishable decoys that look like and behave like real assets – baiting bad actors into engaging fake resources.

High-Fidelity Alerts.

Deception is only as good as its accuracy. ThreatWise cuts through the noise to pinpoint recon, lateral movement, and unwanted privileged access that cannot be detected by conventional technology. When sensors are engaged or interacted with, ThreatWise issues real-time triggers that provide key stakeholders and complementary security tools (such as SIEM) with direct line of sight into malicious attempts. And since sensors are only visible to attackers, and not discoverable by legitimate users and systems, notifications are highly accurate, without false positives or alert fatigue.

For more information on next-generation cyber deception, visit