CounterCraft´s deep expertise in cyber security, applied digital counterintelligence methods, and related technologies has paid off in the new CounterCraft Cyber Deception Platform. Our recent awards from Red Herring and the 2018 Info Security Product Guide have generated a lot of industry buzz. People are taking notice of our enterprise-grade scalability, use of software containerization, modular architecture, and advanced orchestration capabilities. Customers using the CounterCraft Cyber Deception Platform are ready to take on determined, advanced, persistent threat actors who mount complex attacks against their systems and information assets.
Our platform includes four primary components—Deception Assets, Deception Support Nodes, the Deception Director, and the Console. Here’s a closer look at each.
Deception Assets
A comprehensive portfolio of deception assets range from simple breadcrumbs to fully containerized complex servers loaded with deception services and material. Customers can create and deploy hundreds—or thousands—of deceptive assets that match their existing ICT estate, regardless of whether infrastructure is based on-premises, in the cloud, mobile, or on social technology.
Deception Support Nodes
These are specialized server instances that intermediate traffic between deception assets and the Deception Director. Deception Support Nodes can be deployed internally, outside of the organization, in the cloud, on premises, or in mobile environments—giving customers huge flexibility to easily scale deception assets across their entire environment. These nodes also enable customers to customize assets and balance traffic for specific trust or security enclaves.
Deception Director
The Deception Director is the heart of the CounterCraft Cyber Deception platform. It delivers all of the platform’s design, deployment, monitoring, analysis, and export capabilities. It creates deception logic for the customer’s unique environment and orchestrates the complete lifecycle of deception assets.
The Console
Our web-based interface puts the power of our platform at the disposal of security operators and incident responders, deception planners, engineers, and threat analysts. Its context-driven pages deliver tailored views of the environment based on access privileges, user type, deception stages, as well as views of multiple tenant environments in the case of MSSPs.
Delivering Actionable Intelligence to Your Team
Cyber defenders need specific, relevant, actionable intelligence to respond appropriately to an incident. We’ve built many unique capabilities into the platform that simplify lifecycle management across the deception environment. They include:
Design: Cyber defenders can quickly and easily design a tailored deception environment through the console:
- Pick-and-play deception assets that mimic the customer environment
- Pre-packaged server configurations
- Pre-defined architectural placement options based on best practices
Deploy: Push deception assets out quickly with minimal intervention required:
- Automated deployment
- Integrated Ansible playbooks for simplifying configuration, deployment, and orchestration
Manage: Easily integrate CounterCraft with existing operations:
- Supports in-house, outsourced, and multitenant environments
- Flexible integration with a variety of SOC and Threat Analysis and Management systems
Respond: Detect, observe, and respond to live attacks:
- Real-time view of attacks as they happen
- Real-time, detailed telemetry of attacker activity at every stage of an attack
- Automatic identification and delivery of attacker Tactics, Techniques, and Procedures data
- Ability to steer, deflect, and block attackers as desired
Analyze: Create actionable cyber threat intelligence based on your real-world environment:
- Visualized attack behaviors and Indicators of Compromise (IOC)
- Threat analysis via the console or in a SIEM or threat intelligence solution
- Shared intelligence via standard protocols (STIX 2.0, OpenIOC, MISP)
- RESTful API for deep integration with other systems
Don’t Go It Alone
We offer a range of professional services that help customers maximize the CounterCraft Cyber Deception Platform for their organizations. We also partner with service providers and MSSPs to help teams accelerate protection against advanced persistent threats and other cyber attacks.
This is just the start. Now that you’ve had a quick look under the hood, take the next step and contact us for a demo. See why CounterCraft is the right enterprise-class deception platform for protecting your organization.