CounterCraft Cyber Deception Platform 2.3.0
CounterCraft’s Cyber Deception Platform is a full
spectrum deception solution that takes the design, deployment and management of
deception to the next level with real-time attack detection and targeted,
actionable threat intelligence directly applicable to the host network. This
solution has a full REST API.

We saw a ton of changes CounterCraft has made
over the last year, one of which was moving the focus of their company towards
more of an international partner network. CounterCraft adds value to deception
within threat hunting to breach the detection gap. Deception is spread outside
of the corporate environment with breadcrumbs placed where attackers are going
to hunt for information. These locations are spattered with fake information
that will lead attackers into the deception environment.

The solution builds and deploys a synthetic
environment with design campaigns and assets to attract attackers. It monitors
real-time events with zero false-positive alerts, and can run multiple
campaigns in parallel. A series of deception hosts with deception surfaces
exist within the campaigns.

Key outcomes of the deception include detecting
advanced attackers, looking at all the stages of the attack phase, controlling
attacks and controlling the attacker once detection occurs. A cloaked kernel
level agent reports everything back with real-time advance while influencing
the attacker to prolong interaction. Adversarial investigation helps prioritize
decisions and actions.

The several updates made this year include detailed
deception environments, fully instrumented WiFi routers and portal apps. The
solution can take log data from Microsoft and Google as well. One capability
that stood out among the many additions is an anti-phishing feature that feeds fake
credentials to attackers to lead them to a fake environment to determine what
information they are seeking.

In the web console, Adversary Attack Graph shows
a deception path, a small portion of an attack tree. Adversaries are baited
with breadcrumbs leading to the web portal, which invites a brute force attack.
Exfiltrated documents with honeytokens are contained here. Exfiltrating and
opening the documents triggers an alert. The deception documents lead to
credentials within another box and a fork in the road for the attacker. If attackers
leverage credential dumping, a cookie is loaded into the box and them to make another
lateral movement, which takes them to a mobile app where a security team obtain
a of the attacker, including GPS coordinates.

CounterCraft takes pride in developing its product in accordance with the feedback it receives, basing changes on user stories and customer research to ensure the product is both functional and looks good. An extensively detailed QA process boosts customer assurance. This level of ownership and integrity can be seen throughout the CounterCraft Cyber Deception Platform.

Contact vendor for pricing details. Support offerings include a global partner network for local support and deception consultancy. Professional services for custom deception assets and campaign design are additionally offered.

Tested by: Matthew Hreben

Product title
CounterCraft Cyber Deception Platform 2.3.0
Product info
Vendor: CounterCraft
Price: Contact vendor for pricing details
Contact: https://www.countercraft.eu/
Strength
CounterCraft prides itself on developing their product in accordance with the feedback they get. This level of ownership and integrity can be seen throughout this deception solution.
Weakness
None that we found.
Verdict
CounterCraft’s Cyber Deception Platform is a full spectrum deception solution that takes the design, deployment, and management of deception to the next level.