Thanks to Tushar Kothari, CEO at Attivo for taking the time to share his new deception-based threat detection software.
Q: What is the security strategy you are advising clients to pursue?
A: We believe it's time to focus on detection. Perimeter defenses have morphed. Perimeter defenses cannot prevent penetrations of the network. We recommend using detection and deception to turn the tables on hackers.
Q: What are some use cases of your technology?
A: We are able to detect lateral movement within the network early enough to neutralize the hacker before they are able to access sensitive information. In one case, it was an employee accessing information he was not authorized to access and he was terminated.
Q: How has the cybersecurity landscape changed?
A: We are changing the game of the attacker. Deception-based threat detection is efficient, cost-efficient, and highly efficacious. Attackers use a variety of different methods to get in the network. Technology can scale up deception-based software and scale-up with self-deploying software since prevention alone is not enough.
Q: How do you help your clients?
A: Evaluating deception technology is both an art and a science. We provide a service of how to best deploy detection at scale. We've invested in the tools and personnel so our clients don't have to. We have two types of clients: 1) Fortune 500 with plenty of monetary and personnel resources where we are filing a gap in their security arsenal. 2) Smaller companies with fewer resources like a healthcare company with four security people who do not have the bandwidth to go through hundreds of false positives. We focus on what's really happening with focused alerts.
Q: What do you see as the future for security?
A: There will be more serious attacks as companies move to the cloud and containers. We need to detect threats everywhere and deploy deception across the infrastructure.
Q: What do developers need to do to improve the security of their code and applications?
A: Move beyond prevention to detection. Many companies focus only on prevention and we see a new headline of a major hack every day. Do more to detect hackers inside and neutralize them before they are able to do damage.
Q: What else do we need to consider with regards to security?
A: Deception is ready for prime time. For Fortune 500 companies, it's scalable and is available today. It operates in an environment without friction and is able to scale across geographies. CISOs and their team can self-deploy and it's a simple add-on when DevOps is releasing code.