Cheshire Cat’s Lessons from Concealment and Misdirection
Cyber trickery has come a long way from deploying honeypots on external interfaces to investigate attack activity. Today, deception techniques have matured enough to be considered an essential feature of a zero-trust architecture by savvy CISOs, especially in the following use cases:
• Detection of internal threats
• Ransomware
• Active Directory protection
• Identity and credential protection
• Unmanaged device protection
Today’s modern tricks go beyond placing baits and baits inside networks. Innovations in stealth techniques derail attackers, especially with advanced credential attack techniques. By hiding and denying access to sensitive or privileged production credentials, objects, and data, attackers can only see the bait on endpoints and Active Directory.
Unleash the Cheshire Cat and bring chaos to the attackers. Join this session to learn more about the deception going on in simple honeypots and honey tokens, their position in a zero trust environment, and the role of concealment in misleading and disinforming attackers.
guest speaker
Joseph Salazar – Attivo Networks
Joseph Salazar is a veteran information security expert with over 25 years of military and civilian experience. He served as a retired major in the U.S. Army Reserve for 22 years as a counterintelligence agent, military intelligence officer, and cybersecurity officer. In his civilian career, he has been a Systems and Security Administrator, CSIRT Analyst, Security Operations Manager, and Computer Forensics Investigator. He holds CISSP, CEH, and EnCE certifications, holds a BA in Legal Studies from UC Berkeley, and currently works in Technology Marketing for Attivo Networks. Joins host Gary S. Miliefsky, Chairman of Cyber Defense Media Group, and publisher of Cyber Defense Magazine.
Fair Use Notice: “Fair use” laws allow other authors to make limited use of the original author’s work without permission. Under 17 US Code § 107, “It is not copyright infringement to use copyrighted material for purposes such as criticism, commentary, news reporting, education (including multiple copies for classroom use), scholarship, or research.” As a matter of policy, fair use is based on the belief that the public is free to use portions of copyrighted material for the purposes of comment and criticism. Fair use privileges are perhaps the most important restrictions on the exclusive rights of copyright owners. Cyber Defense Media Group is a news reporting company that reports cyber news, events, information and more free of charge on its website Cyber Defense Magazine. All images and reporting are conducted exclusively in accordance with the fair use of US copyright laws.