Detect external threats –

Reduce the likelihood of breaches.

Who is it for?

Threat Intelligence Managers.

What is the problem?

Threat Intel feeds have low impact. They contain generic information directed at an industry vertical. The information often arrives late.

Threat Intel Managers want high-impact data that is targeted, timely and can be easily shared with other teams.

CounterCraft’s threat intel campaigns collect high-impact data that is targeted and timely, from the organization’s own external attack-surface.

These campaigns concentrates on external services and cloud services only:

The Deception Director deploys a mix of breadcrumbs on the Internet: S3 buckets, Shodan, GitHub, PasteBin, domain names, documents, etc.

The Deception Director deploys cloud-based services on the Internet: Office365, Google Suite, etc…

The Deception Director deploys internet-facing services from local or cloud hosting: Web Applications, Containers, Blogs, Databases, FTP servers, etc.

Once deployed the campaign collects all adversary interactions and enriches raw data to provide threat intel insights.

Pre-Breach Graph Pre-Breach Graph

Cyber Deception helps clients by providing real time contextualized threat intelligence unique to them.

Rapidly detect insider threats

Detect adversarial pre-attack activity before any network breach has occurred an external deception platform is the only cybersecurity product that can provide this capability.

Zero impact

Profile your adversaries. Collect intel describing the TTPs, intentions, and motivations of attackers without increasing the risk profile of your organization.

Profile your adversaries

Deliver high-impact threat intelligence generated by targeted attacks against your organization in real-time.

Manage attacks

Reconfigure other IT Security systems with the Threat Intel data provided by CounterCraft in real-time to boost enterprise security.

Speak with an expert

Industry: Goverment

Role: CISO Equivalent

What was your goal?

To identify external threats to our organization for a new web-based system.

Why did you choose deception?

Deception was the best way to quickly and efficiently evaluate the level of external reconnaissance focused on us. Using the CounterCraft platform allowed us to interact outside the traditional perimeter of our organization, in fact the whole campaign was cloud based.

What results did you achieve?

The results for us were very interesting, we were able to identify three types of activity directed towards us - including the threat of external systems being used for cryptomining. By analyzing activity patterns and the adversary TTPs gathered we are able to feed this data back into our security design process immediately and reinforce the new system that is currently being deployed.

Speak to an expert if you would like to see how you could apply cyber deception to obtain contextualized threat intelligence in real time.

Speak with an expert