Our blog is a playground with fresh ideas about security and our approach.

14 Sep

Why Every CISO Needs to Track Insider Threats More Proactively


When it comes to dealing effectively with insider risk, not many security leaders will think of deploying cyber deception. In fact, many leaders may think intuitively that the problem belongs in a different department (legal, internal investigations, etc.) and is not part of their remit. However, every CISO needs to be part of the stakeholder group that deals with insider risk.

27 Aug

Active Defense with MITRE Shield


TL;DR - Quick Overview: MITRE has released Shield this August to great community approval. Shield is the defensive partner to the well-known ATT&CK Matrix that defines threat actor activity. Shield is a set of defensive techniques that defend and protect against specific threat actor actions. This is a massive step forward for defensive teams in conceptualising and communicating defensive tactics, techniques and procedures. CounterCraft has already integrated the Shield Matrix and ATT&CK mappings into our proactive defensive platform.

24 Aug

Cyber Deception, Tailor-Made Defense Based on Your Insight


It’s pretty common to think about security as a whole, to think about it as a uniform process where all the information needs to be safeguarded. It’s true that you have to protect all your infrastructure and data, but it’s also true that not all your information is equally sensitive. There are probably some assets that require extra attention, some that pose a bigger risk in case they are compromised. It makes sense then to make more of an effort in order to protect what can do the biggest damage.

10 Aug

Boosting OT Security with Cyber Deception


The aim of this article is to present a couple of use cases where deception technologies can be used to provide an extra dimension to Operational Technology (OT) networks. Firstly, we need to define exactly what we mean by an OT network. An OT network is the information infrastructure deployed for non-IT systems. These can be as varied as oil-well head pumps to medical devices; machine-tools to power station control networks.

28 Jul

Detect Threats Earlier with CounterCraft’s Threat Intelligence Services


Stop cyber threats in their tracks and protect your remote workforce with CounterCraft’s all-new Threat Intelligence Services. These services-as-a-service go live to offer the kind of rapid support organizations are now seeking, having been forced to adopt widespread remote working amidst the COVID-19 crisis – simply plug and play this cloud-based managed service to proactively protect the networks your colleagues and operations now rely on. Remote workers doing their best to adapt overnight have already faced an onslaught of damaging and malicious cyber attacks since varying degrees of confinement were enforced in the first half of 2020.

20 Jul

Am I Ready for Cyber Deception? Gartner Hype Cycle for Security Operations.


Gartner has released its Hype Cycle for Security Operations 2020 report. It is a thought-provoking read, spanning a diverse range of technologies. What I want to focus on here is the report’s approach to deception, where it stands in the hype cycle and how the level of maturity in your security operations may not be relevant to the central question: am I ready for deception? Let us begin by taking a look at where deception is in the hype cycle.

6 Jul

How Deception Technology Helps the Modern CISO


What makes deception technology a necessary part of a CISO’s overall security strategy? The simple answer is that it allows a CISO to address key pain points that are causing major operational challenges right now. It also provides valuable clarity to help keep leadership teams on-side. Let’s take a quick look at some of the key pain points:

- Monetary cost per incident
- Time to incident detection
- Time to incident close

23 Jun

From Telemetry to TTPs: a Sample Analysis of a Mining Linux Botnet, Using Cyber Deception


One of the main challenges when investigating an incident is being able to convert all the raw data (typically logs) that you can gather into TTPs (Tools, Techniques and Procedures), or even better, into operational information. By using deception techniques we have a significant advantage over other security tools because, in theory, all activity collected from any deception campaign should be malicious per se. That’s a great help when trying to find the needle in the haystack, but in reality it is not so easy, as any machine or cloud service is usually running many other agents, processes or cron tasks that add a lot of noise to the instrumentation.

17 Jun

CounterCraft raises $5 million in a funding round led by Adara Ventures, and joined by new investors eCAPITAL and Red Eléctrica Group


CounterCraft announced it has secured $5 million funding. The investment will accelerate global growth as we focus on acquiring market share in the US with our cyber threat defense platform, following successful expansion across Europe and in the UK. David Barroso, CEO and Co-Founder, CounterCraft, said: “We are energised and delighted to announce concluding our latest funding round with a total of $5 million and to welcome eCAPITAL and Red Eléctrica Group to our list of specialized investor firms.

9 Jun

Are You Getting Value From Your Threat Intelligence Service?


Gartner has recently published the Market Guide for Security Threat Intelligence Product and Services by analysts Craig Lawson, Brad LaPorte, Ruggero Contu, John Collins and Mitchell Schneider, which provides end users with guidance on how to ensure that they are getting the best value from threat intelligence services. This excellent piece of research is extremely valuable for those that do not have a threat intelligence service and are currently looking at what potential options they may have.
