TrapX's DeceptionGrid Version 5 Sports Forensic and Analytics Capabilities

By CIOReview | Friday, October 30, 2015

SAN MATEO, CA: Deception-based cyber security defense is a reliable methodology for beating down advanced persistent threats (APTs). Extending its deception-driven offering, TrapX, a distributor of cyber security solutions, is rolling out ‘DeceptionGrid version 5’, sporting forensic and analytics capabilities.

With the objective of enabling businesses and governments to use the internet in a more reliable and safe way, TrapX's suite of solutions lessens the gap between potential attackers and the existing cyber defense tools protecting vulnerable enterprises. TrapX's flagship product, DeceptionGrid, is a deception-oriented solution that rapidly detects, analyzes and defends against camouflaged malicious activities while facilitating a proactive security posture. Real-time automation offers a comprehensive assessment directly to the security operations center (SOC) team. It automates the deployment of a network of hidden malware traps that are integrated with the organization’s real information technology resources.

With the release of DeceptionGrid version 5, TrapX will be able to help its customers curtail the time-to-breach detection of attackers that have penetrated their networks. It develops SOC teams' ability to conduct Dynamic Deception Operations (DDO) by providing fake "remote shell" environments for both Windows and Linux emulations. Version 5 provides static and dynamic forensic analysis of the unfolding attack from initial session connection through the point of infection.

The core functionality of DeceptionGrid includes Sandbox Analysis, for immediate inspection of any unknown activity, which is later transferred to and isolated in a sandbox server; an Integrated Event Management database, to share and integrate actionable threat intelligence with the customer’s existing security systems in the network; and a threat intelligence engine, which builds a profile of the attack vector. Additionally, it provides packet inspection of outbound traffic to determine malicious behavior on existing servers, in turn avoiding the performance and latency problems associated with DPI.