The Architecture of Choice
DeceptionGrid automates the deployment of a network of camouflaged malware traps that are intermingled with your real information technology resources. The traps appear identical in every way to your real IT assets. Once malware has penetrated your enterprise, it starts moving laterally to find high value targets. Just one touch of the DeceptionGrid by malware sets off a high confidence ALERT. Real-time automation isolates the malware and delivers a comprehensive level 3 assessment directly to your SOC team.
Virtualized Malware Traps
DeceptionGrid automation provisions a network of potentially hundreds to thousands of camouflaged malware traps across your organization. The existing network topology is detected automatically and used to create a camouflaged network of emulated systems including servers, switches, databases and applications all intermingled with your real IT assets. Spin data is also used to misdirect and delay attackers.
Real-time automation isolates detected malware and places it within a sandbox server. DeceptionGrid forensics completes both a static and dynamic analysis and delivers a comprehensive assessment directly to your security operations center (SOC) team.
Integrated Event Management and Threat Intelligence
Information from this automated analysis is pulled into the management system, tagged with a unique ID, and then stored within the integrated event management database. The business intelligence engine takes this event data and builds profiles to detect and prevent future attacks. Threat intelligence is layered into that analysis and allows for swift remediation of known attacks against IT assets.
Advanced Botnet Detection
Botnet detectors monitor outbound activity on real hosts based upon information about malicious activity spotted within decoy systems.
Deploy in the Cloud or On-Premise
DeceptionGrid is designed to deploy rapidly to support the requirements of the largest enterprise. Our automation enables your IT team to complete full deployment in typically just a few hours. We can also deploy DeceptionGrid through the Managed Security Service Provider (MSSP) of your choice. DeceptionGrid's security operations console provides MSSP's with support to monitor the status of large numbers of customers.
About TrapX Security
TrapX Security is a leader in the delivery of deception based cyber security defense. Our solutions rapidly detect, analyze and defend against new zero-day and APT attacks in real-time. DeceptionGrid™ provides automated, highly accurate insight into malware and malicious activity unseen by other types of cyber defense. We enable a pro-active security posture, fundamentally changing the economics of cyber defense by shifting the cost to the attacker. The TrapX Security customer base includes global 2000 commercial and government customers around the world in sectors including defense, healthcare, finance, energy, consumer products and other key industries.