cybersecurity

Free masterclass: Writing honeypots

Cymmetria co-founder and CTO, Imri Goldberg, hosts a training session on writing honeypots. This webinar includes concrete techniques and examples, as well as instructions for using the open source honeypot platform, Honeycomb (https://github.com/Cymmetria/honeycomb), to utilize existing infrastructure and gain exposure for your honeypots. Watch the webinar to learn about researching an existing product and catching …

Free masterclass: Writing honeypotsRead More »

Using cyber deception to catch entrenched attackers

When we talk about deception, we usually talk about detecting and preventing an attacker from executing lateral movement and accessing organizational assets. This post discusses using deception to actively catch an attacker who’s already deeply and comfortably entrenched in the network, and is a primer to our soon-to-be-released whitepaper on the same subject. What’s different …

Using cyber deception to catch entrenched attackersRead More »

Deception and the SingHealth breach: the anatomy of an attack that could have been prevented

Personal data of 1.5 million SingHealth patients has been compromised in what is being described as Singapore’s worst data breach to this day. According to analysis of the SingHealth breach by multiple sources, including the Cyber Security Agency of Singapore, the attack was a sophisticated one. The attackers are said to have had a high …

Deception and the SingHealth breach: the anatomy of an attack that could have been preventedRead More »

General Data Protection Regulation and Deception Solutions

The GDPR is the European Union’s General Data Protection Regulation. Its main objective is to protect EU residents’ data privacy, by homogenizing data privacy laws across Europe and changing the way organizations around the world approach data privacy for EU residents. Since the GDPR came into effect on 25 May 2018, it is more important …

General Data Protection Regulation and Deception SolutionsRead More »

Anne Arundel County: The Cyber Security Capital of the Free World?

Update:  I wrote a blog that was published back on March 30, 2017, entitled Cyber Education: Why Not Start Early? My point was how shocked and disappointed I was that there was no cybersecurity program in the Anne Arundel County Public School System here in Maryland.   Anne Arundel County is the cybersecurity capital of the free world. It …

Anne Arundel County: The Cyber Security Capital of the Free World?Read More »

Marcus Alldrick, previously at Lloyd's of London, joins Cymmetria as Chief Risk Officer

It is my honour to write this blog introducing Marcus Alldrick, who is joining Cymmetria as Head of Risk. I first met Marcus in 2005, at a European CISO conference. At the time he was CISO for Abbey, following a long career in information security in the UK. In fact, he was the chair at …

Marcus Alldrick, previously at Lloyd's of London, joins Cymmetria as Chief Risk OfficerRead More »

dashboard

A new year, a new version of the MazeRunner Community Edition!

2017 has been an exciting year for Cymmetria. We’ve seen deception gain popularity, and our products are now used by some of the world’s largest organizations, as well as many of the coolest smaller ones. While we’re focusing a lot of our efforts on deployment automation and overall scalability for enterprises, we are committed to …

A new year, a new version of the MazeRunner Community Edition!Read More »

Linux SSH interaction

Unexpected challenges: Allow SSH service on Linux decoys to accept any user and password

When customers started using Cymmetria’s MazeRunner on an Internet-facing interface, we were a bit surprised. Perhaps we shouldn’t have been; after all, honeypots have been used that way since their inception. But modern cyber deception is about controlling the attacker’s path once they are already inside your network, and detecting them—fast. Thus, some of our …

Unexpected challenges: Allow SSH service on Linux decoys to accept any user and passwordRead More »

Scroll to Top