Deception tactics in cybersecurity are designed to move the cybersecurity strategy of an organization from a reactive to a proactive defense. Deception Technology is defined as any technology that aims to disrupt an attacker's activities by purposefully misdirecting or misleading the intruders so that they reveal themselves and, in the best possible scenario, their true intentions. Network Traps, sometimes referred to as ‘Honey Pots’ or ‘Honey Traps’, are a form of Deception Technology that exist in parallel to an organization’s real network and endpoint assets.
This white paper explains how network traps or decoys are employed for proactive threat hunting, including exploring the concepts of lateral movement, false positives and using multiple protocols to identify APT breaches.