Hunting with Cyber Deception and Incident Response Automation

SANS webcast on Hunting with Cyber Deception, hosted by Cymmetria Founder and CEO, Gadi Evron and Cymmetria Co-founder and VP Product, Irene Abezgauz. This webcast explores the use of cyber deception to hunt advanced threats, and includes a discussion on the use of incident response automation. Original recording date and time: January 18th at 1:00pm EST.

Hunting advanced attackers with MazeRunner

This training workshop (hosted by Cymmetria CTO, Dean Sysman) utilizes Cymmetria’s free general use platform, MazeRunner Community Edition, to show you how to set up deception across your environment. In this video, you will learn how to carry out exploitation and lateral movement across Windows and Linux machines.

Cyber Deception

Cymmetria’s cyber deception solution, MazeRunner, gives organizations the ability to detect threats, shape attacker behavior, and mitigate attacks. By turning an organization’s network into a labyrinth of high-risk navigational decisions, Cymmetria’s MazeRunner allows for unprecedented control over an attacker’s movement and activity in a network.

Introducing ActiveSOC

ActiveSOC lets you auto-investigate SOC alerts to filter out false positives. By automatically deploying deception tailored to specific suspicious behavior, ActiveSOC is able to create new intelligence out of below-the-threshold events. Download this whitepaper to learn how you can automate incident response decision-making to decrease analyst workload and SOC costs.  

Incident response

There are several ways to use MazeRunner in incident response. Below are a few examples from our customers: “Wake the dragon” – MazeRunner is deployed alongside incident response, and new, interesting assets can cause attackers to reveal themselves by attacking deception elements deployed by MazeRunner Post-remediation assurance – MazeRunner provides assets for attackers to target …

Incident response Read More »

Personalized threat intelligence

Typically, data is collected by someone else’s honeypot, is about threats that target them (not you), and is often out of context. With deception, attackers think they are successful, while MazeRunner collects valuable information that is in context, local to you, and highly enriched. This can include showing the originating source, attacked service, credentials used, commands …

Personalized threat intelligence Read More »

Scroll to Top