Deception technology products can detect, analyze, and defend against zero-day and advanced attacks, often in real time.
They are automated, accurate,[1] and provide insight into malicious activity within internal networks which may be unseen by other types of cyber defense.
Deception technology considers the point of view of human attackers and method for exploiting and navigating networks to identify and exfiltrate data.
Deception technology automates the creation of traps (decoys) and lures, which are strategically integrated among existing IT resources.
On the other hand, lures typically consist of real information technology resources, such as files of different types, that are placed on actual IT assets.
Due to advancement in the area of cybersecurity, deception technology programs are increasingly proactive in approach and produce fewer false-positive alerts.
Internet of things (IoT) devices are not usually scanned by legacy defense in depth and remain prime targets for attackers within the network.
A honeypot appeared simply as an unprotected information technology resource and presented itself in an attractive way to a prospective attacker already within the network.
Traditional cyber defense technologies such as firewalls and endpoint security seek primarily to defend a perimeter, but they cannot do so with 100% certainty.
Security operations personnel cannot process most of the activity easily, yet it only takes one successful penetration to compromise an entire network.