Blog  

Alerting Attacker Behavior | Threat Deception in A Minute

Our series, Threat Deception in a Minute, is back. This time, we will be focusing on how you can use the CounterCraft Cyber Deception Platform to create high-fidelity alerts that correspond to specific attacker behavior.

You’ve set up a deception campaign and event data is rolling in. But maybe time for analysis is limited, or the event data is handled by another team, like a SOC. Our platform is built to deal with these issues—on the CounterCraft Cyber Deception Platform, you can easily set up alerts that are triggered by specific behavior patterns with just a few clicks.

This will help you go from a sea of events to specific, trustworthy notifications that can alert you and your global team either through the CounterCraft platform or through your system of choice.

To set it up, all you have to do is:

1) First, open the CounterCraft Cyber Deception Platform.
2) Select the event you want to focus on from the Data Explorer.
3) Click on the expandible menu and select the ‘Generate Rule’ option.
4) Once you have narrowed down definition of the rule trigger pattern, click on ‘THEN’ and choose ‘CONSOLE’. (“Console” is our name for the web app that controls the system.)
5) Set how you want the alert to look and click ‘END’ to give the alert a name and description.
6) Activate by clicking ‘ENABLE’ and ‘SAVE’.

Now, anytime the trigger is detected, you will receive an alert within the platform, by email, or even to your phone via a messenger app like Signal.

Watch the video to see the platform in action.

This new series, Threat Deception in a Minute, highlights just how simple it is to get powerful deception technology set up in your system. Whether you’re a current customer or wondering what it’s like to utilize deception, you’ll find these videos quick, interesting and helpful.

Like Jim Morrison said, this is the end. But you can...