What is it about?
Cyber security is traditionally based on three strategic pillars: prevention, detection and response.
All three are designed to manage threats that affect their systems, particularly those that handle data that is critical to the business or otherwise sensitive.
If alongside the “real” systems we place suitably monitored fictitious systems, which reproduce the services and characteristics of the former, we can introduce a fourth defensive option: deception. That is, the deception: honeypots, deliberately vulnerable systems, designed to attract and trap the malicious in the network.
This allows for greater visibility and understanding of both details of the attack and the steps in an infection process, from which timely threat neutralisation processes can then be triggered.
In addition, honeypot reports are not false positives: real users do not have access to these systems, which they cannot even detect.
CryptoNet Labs offers its TrapCore platform, based on containerisation technologies, to distribute flexibly, update and manage honeypot probes located on the Internet or on the internal network. These probes are customised according to the IT services infrastructure (or even ICS/SCADA) of the customer.
A central console allows to collect and explore the details of the probes’ reports, as well as to provide the appropriate views on dashboards and graphs for the analysis of suspicious events.
CryptoNet Labs can integrate TrapCore, which it fully controls, via API with other corporate security systems (SIEM, firewall, IPS, endpoint protection or other).
Who can benefit from it
Organisations with a security team (or an internal NOC/SOC structure) to constantly monitor and manage any attacks and infections, without impacting the customer’s production infrastructure.