TrapX might be operating in the digital world but it is building on an age old principle of using deception as a means of defence.
CEO Gregory Enriquez told CBR: "Deception technology is 4000 years old. Go back to Sun Tzu there’s deception technology. If you look at medieval times, they put fake cannons out there with logs, or if you look at WW2 and WW1, they used faked systems."
The firm applies this principle in what Enriquez believes is "a war for cyber defence" because "you have to use war tactics to win." It sets traps in networks by emulating network assets as lures to attract hackers and alert customers to an intrusion.
It all sounds rather like a traditional honeypot, but TrapX says its its product is an improvement as previously IT organisations "had to build an image of your system to make a honeypot, and then they have to manage that, so that takes time."
"You had to use a real operating system which would cost money", says Enriquez, and additional problems would be caused when a vendor wanted to update the operating system.
"When you do what we do you don’t have to manage it because we do that for you in an automated fashion, you don’t have to update it because it’s not a real operating system, others don’t know it’s there because we whitelist it we hide it from good people, but we’re vulnerable to bad people."
He says that "The reason we get touched though is because often the attack has to go out and scan the network to determine what he wants. Rarely do they get to the person they want first time. They want to get access to the system and escalate further."He claims that TrapX can find an attack in under 10 minutes.
Surely though, once an attack is roaming around your network it’s all a bit too late. Aren’t firewalls a better investment for companies? "We believe that perimeter defences will fail", says Enriquez. The product can be used as part of a layered security approach. "I think a layered defence is still required," says Enriquez.
TrapX was founded by Moshe Ben-Simon and Yuval Malachi. It is now a partner of Intel Security, as part of its Security Innovation Alliance, and has received investment from Intel Capital. It’s links with Intel Security mean that its findings go through the EPO, to alert others of malware.
Despite being thousands of years old, the art of deception is continuing into the modern age.
This article is from the CBROnline archive: some formatting and images may not be present.