ShadowPlex Reviews & Product Details

Labyrinth creates the illusion of a real infrastructure vulnerability for an attacker. The solution is based on Points, a smart host simulation. Each part of the simulation environment reproduces the services and content of an actual network segment. The system consists of four components that interact with each other. The main components of the Platform are: Admin VM is the main component. All collected information is sent to it for analysis. The console notifies the security team and sends the necessary data to third-party systems. Worker a host/virtual machine for deploying a set of Labyrinth network decoys (Points) on it. It can work in several VLANs simultaneously. Several Worker hosts can be connected to the same management console simultaneously. Points are intelligent hosts that mimic software services, content, routers, devices, etc. Points detect all malicious activities within the corporate network, providing complete coverage of all possible attack vectors. Seeder agents deployed on servers and workstations imitate the most attractive file artifacts for an attacker. By creating various decoy files, the agent directs attackers to network decoys (Points) through their contents. The Platform automatically deploys points (decoys) in the IT/OT network based on information about services and devices in the network environment. In addition, decoys can be deployed manually, providing users with a powerful tool to develop their unique deception platform based on their specific needs and best practices. The Labyrinth provokes an attacker to act and detects suspicious activity. As the attacker passes through the fake target infrastructure, the Platform captures all the details of the enemy. The security team receives information about the sources of threats, the tools used, the vulnerabilities exploited, and the attacker's behavior. At the same time, the entire real infrastructure continues to operate without any negative impact.

FortiDeceptor is a non-intrusive, agentless deception platform designed to detect and neutralize active in-network threats by deploying decoy assets that mimic real network devices. By luring attackers into engaging with these decoys, FortiDeceptor enables early detection and response, effectively disrupting the attack kill chain before significant damage occurs. Key Features and Functionality: - Diverse Decoy Deployment: Supports a wide range of decoy operating systems, including Windows, Linux, SCADA, IoT, VoIP, ERP, Medical, SSL-VPN, and POS, allowing for realistic simulation of various network assets. - Deception Lures: Incorporates services, applications, or user simulations within decoy VMs to create authentic user environments, enhancing the effectiveness of the deception. - Token Distribution: Utilizes tokens—such as fake credentials, database connections, and configuration files—placed on real endpoints to guide attackers toward decoys, increasing the deception surface and influencing lateral movement. - Comprehensive Monitoring: Tracks attacker activities through detailed logging of events, incidents, and campaigns, providing insights into their methods and movements within the network. - Seamless Integration: Integrates with Fortinet Security Fabric and third-party security controls like SIEM, SOAR, EDR, and sandbox solutions to enhance visibility and accelerate response times. Primary Value and Problem Solved: FortiDeceptor addresses the critical need for proactive threat detection and response within networks. By creating a dynamic deception environment, it diverts attackers from sensitive assets, reduces dwell time, and minimizes false positives. This approach not only detects early reconnaissance and lateral movements but also provides detailed forensics and threat intelligence, enabling organizations to stay ahead of both known and unknown cyber threats. Additionally, its agentless design ensures minimal impact on network performance and stability, making it an effective solution for safeguarding IT, OT, and IoT environments.

Smokescreen was founded in 2015 to create the next generation of cyber-security detection and response systems. Our proprietary ILLUSIONBLACK platform detects, deflects and defeats advanced hackers in a manner that is false-positive free, and easy to implement. It effectively handles multiple avenues of attack and the limited response capabilities that most companies have.

Morphisec Endpoint Threat Prevention thwarts hackers with their own strategies like deception, obfuscation, modification, and polymorphism.

Tracebit generates and maintains tailored canary resources in your cloud environments, closing gaps in stock protection without time and cost intensive detection engineering.