Understanding the Adversary with Deception Technology
Whitepaper by Matt Bromiley, a SANS Certified Digital Forensics and Incident Response instructor
Despite our best efforts, security practitioners are finding that the same attacker returns to their systems at least twice. Why is this happening? Are our detection methods working and, if not, why not? This SANS whitepaper looks at the evolution of attackers, whether existing defences are working and how to improve our stance.

How to employ an effective deception strategy
Discover some of the key challenges organisations face when it comes to understanding different adversaries, and how you can remediate effectively. Organisations often find themselves unprepared to tackle even some of the simplest techniques employed by cyber attackers. This has led to unprecedented success and longevity for adversaries, many of whom use these gaps to their advantage as they sweep through corporate and IoT networks.
What will you learn?
Readers will learn techniques used to identify, remediate and eradicate attackers as well as tips for successfully using deception techniques, including traps and lures. A case study will illustrate key recommendations.
This whitepaper from SANS will cover the following:
- The different types of deception techniques
- Requirements for a successful deceptive strategy
- The correct and incorrect approaches to deception technology
- Detailed case studies


Matt Bromiley is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.