Acalvio: The Art of Deceptive Defense

Follow Acalvio on :

Nat D. Natraj, Co-Founder and President
“All warfare is based on deception…” -Sun Tzu.

While war and its many connotations have changed over the years, the principle still holds— adversaries present seemingly bona fide realities to confuse and misinform the opponent into making a mistake, and inevitably expose his weakness. Today the battlefield is cyberspace and the war, is over data, intellectual property and information assets; information that we take for granted, now is a kingdom worth defending. If anything, cyberattacks in the last decade have shown the relevance of Tzu’s tactics. Autonomous deception leads the way for a more agile way of detecting, engaging and responding to malicious activity within a network, the very forte of Acalvio.

“In computer security, the enterprise is dealing with an asymmetric war, one where the defendant needs to be right all the time while the attackers need only be once, with no penalties for retrying,” says Nat D. Natraj, Co-founder and President of Acalvio. The company seeks to even the odds, or better still, invert it all together so that even an iota of error on the wrong actor’s part would lead to their discovery in the system. They do so by creating deceptive systems, with assets that look as real as the real deal, undetected by the enemy. The moment that the adversary touches the decoy, the Deception Fabric instantly knows of a potential breach. Acalvio creates a fake network with specific vulnerable points as bait and thus confuse, delay and then catch the attacker red-handed.

Nowadays the risk is high with trends like BYOD, IoT and SaaS, the traditional notion of a well-defined, and a clearly-marked perimeter no longer apply. Our perimeter is porous not due to negligence but by design. Our perimeter defenses (firewalls, endpoint security) are working just fine, it is just that our business imperatives have encompassed BYOD, IoT and SaaS, thus necessitating an advanced defense mechanism. Threats have to be detected with very high precision (low false positives) and in a timely manner, which is where the deception comes into play.

In computer security, the enterprise is dealing with an asymmetric war, one where the defendant needs to be right all the time while the attackers need only be once, with no penalties for retrying

Acalvio can do this at Enterprise scale and even IoT Scale, from the cloud and for the cloud. By scanning the network of an enterprise, or by consuming vulnerability manager data, Acalvio can develop an asset topology and it’s AI engine can generate (realistic looking) fake assets and subsequently automate the deployments of decoys at Enterprise Scale. The decoys can be deployed from an on-premise appliance or from the cloud to protect on-premises or cloud assets. The solution can do cloud to cloud decoys, on-premise to cloud decoys, cloud to on-premise or on-premise to on-premise, Acalvio are very flexible in that respect. ShadowPlex provides dashboards that can be used by IR/SOC personnel. In addition, ShadowPlex provides APIs so that its Deception capabilities can be integrated with 3rd party IR, SOC, SIEM, Service Management solutions.

The company will be increasing their channels of capabilities around the market adding new and different kind of decoys of different types of verticals like the retail industry and healthcare. They see huge growth in the cloud, and as more people move to the cloud. The rising tide of attacks may mean that companies stay ever vigilant on the back foot, but with Acalvio, the attackers would no sooner be caught with their paw in the jar.


Santa Clara, CA

Nat D. Natraj, Co-Founder and President

Leveraging their platform " ShadowPlex", they provide innovative defense solutions in Cloud, AI (Artificial Intelligence) and SDN (Software Defined Networking). The solutions are anchored on patented innovations in Deception and Data Science. This enables a DevOps approach to ATD, enabling ease of deployment, monitoring and management. Acalvio enriches its threat intelligence by data obtained from internal and partner ecosystems, enabling customers to benefit from defense in depth, reduce false positives, and derive actionable intelligence for remediation. The firm allows security practitioners in detecting, engaging and responding to malicious activity with high precision in a timely and cost-effective fashion