Digital Anarchist RSAC 2020: Stop Chasing Alerts. Start Catching Attackers.
Digital Anarchist interview with Ofer Israeli, Founder and CEO at Illusive Networks
How do organizations move beyond trying to keep out the bad guys and more effectively detect the threat actors who still find a way in? How do we efficiently catch malicious actors, including insiders, early in the attack lifecycle, especially when they use tactics that rely on assets native to the environment and generate what appears to be normal-looking user behavior and activity?
Modern networks now push unheard-of amounts of data throughout their ecosystems per month. To discover malicious east-west network traffic, organizations are turning to Artificial Intelligence (AI) and Machine Learning (ML) to monitor data streams more efficiently, but is this the answer? In too many instances, rather than applying big data techniques to solve attack detection, big data has turned Security Operations Centers (SOCs) into alert-generating machines that teams are not staffed to respond to.
In this video, Ofer Israeli, CEO and Founder of Illusive Networks, sits down with Alan Shimel, Editor in Chief of MediaOps, at RSAC 2020 to discuss how distributed, endpoint-based deception technology is helping deliver incontrovertible detection of attacks in motion, which enables organizations to begin building new forms of automated response armed with precise, source-based forensics.
In the discussion, Ofer shares how Illusive is helping companies focus on running their business, not on who's attacking them. Rather than 'probabilistic' alerts that consume significant IR resource cycles and end up as false alarms, Illusive deception technology is a 'deterministic' solution for early attack detection that is easy to stand up and manage.
Points discussed in this video:
- Rather than apply AI and ML approaches that often end up as alert machines, flip the dynamic to a state of detection accuracy where a notification truly means it’s game on
- While it is important to keep the bad guys out, anticipate some will get in. Harness the power of deception to paralyze and disorient attackers, keeping them from the lateral movement they need to execute their attack
- Use Illusive deceptions to fight attackers where they live, in the shadows, to catch malicious activity that other monitoring tools see as normal behavior
- Improve SOC productivity with automated response to real threats, not wasting valuable time on false positives
- See what you’re missing. Free Illusive Attack Risk Assessments take half a day, delivering a full report about your current vulnerabilities