Posted by: Moshe Ben Simon, Vice President and Co-Founder
A couple of weeks ago, Global Industrial, Inc. (not their real name) scheduled a proof of concept (POC) with TrapX to evaluate DeceptionGrid. It just so happened that the POC ran at the same time that Global Industrial underwent their quarterly penetration testing.
The Pen-Test is carried out by a very prestigious and well known cyber defense firm. This top firm is regularly hired by national and local governments as well as major commercial enterprises. Their objective is to use all means and tools at their disposal to penetrate their client’s cyber defenses. They could use social engineering, research, email based tools, malware, and anything else they can think of to attack and penetrate a network. This top cyber “white hat” attack team is successful, almost every time, in penetrating their targets.
The penetration test ran for several weeks and, from my point-of-view, the results were excellent:
- DeceptionGrid automatically determined that the Pen-Test attackers were using two different internal IP addresses
- The “white hat” attackers identified DeceptionGrid traps as valuable and vulnerable assets during their reconnaissance and network mapping process
- The “white hat” attackers spent hours to attack our Traps using multiple tools and techniques during their lateral movement activities
- DeceptionGrid captured and tracked the use of the hacking executable files which included exe, mimilove.exe, and fgdump.exe as well as malicious binaries and scanning tools
The moment Global Industrial’s SOC team was alerted by DeceptionGrid, they were able to blunt the attack which prevented the removal of assets or network damage. I am pleased and proud to say that DeceptionGrid has met the challenge yet again. Everything worked as it should and the POC was a tremendous success. TrapX has met and exceeded our (now) customers’ expectations once again.
Please contact TrapX if you want to know more about this POC or try DeceptionGrid within your enterprise.