Deception plays an instrumental role in detecting attacks early, before damages can be done. 

Unlike UBA and other monitoring detection, deception is designed to catch the early reconnaissance and credential harvesting vs. trying to learn patterns or assess anomalies that get lost in endless logs and false positives. Deception is engagement-based so instead of telling you there is a needle in a haystack, it will provide you with the needle and when using Attivo, provide the attack detail behind the incident.

Organizations change the asymmetry on attackers by placing high-interaction traps and lures that efficiently reveal an attacker’s presence.