white paper

Understanding the Adversary with Deception Technology

Whitepaper by Matt Bromiley, a SANS Certified Digital Forensics and Incident Response instructor

Despite our best efforts, security practitioners are finding the same attacker return to their systems at least twice. Why is this happening? Are our detection methods working and if not, why not? This SANS whitepaper will look at the evolution of attackers, whether existing defences are working and how to improve our stance. 

How to employ an effective deception strategy

Discover some of the key challenges organisations are facing when it comes to understanding different adversaries, and how you can effectively remediate. Often organisations find themselves unprepared to tackle even some of the simplest of techniques employed by cyber attackers – this has led to unprecedented success and longevity, because many adversaries use these gaps to their advantage as they sweep through corporate and IoT networks.

What will you learn?

Readers will learn techniques used to identify, remediate and eradicate attackers as well as tips for successfully using deception techniques, including traps and lures. A case study will illustrate key recommendations.

This whitepaper from SANS will cover the following:

Get your copy of the report!

Complete the form and receive a copy of the whitepaper to learn more about how deception technology can help you address cyber adversaries.

Read our privacy policy for details on use and storage of your personal data

sans institute logo

Matt Bromiley is a SANS Certified Digital Forensics and Incident Response instructor, teaching Advanced Digital Forensics, Incident Response, and Threat Hunting (FOR508) and Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response (FOR572), and a GIAC Advisory Board member. He is also a principal incident response consultant at a major incident response and forensic analysis company, combining experience in digital forensics, incident response/triage and log analytics. His skills include disk, database, memory and network forensics, as well as network security monitoring. Matt has worked with clients of all types and sizes, from multinational conglomerates to small, regional shops. He is passionate about learning, teaching and working on open source tools.