Labyrinth Deception Platform v2.2.0: A New Level of Protection Against Attacks

One of the most important innovations is the new Active Directory Security / Deception module, which allows companies to deploy fake users and computers directly within the Active Directory structure to act as decoys for early detection and disorientation of cybercriminals.

This update significantly increases the effectiveness of threat detection mechanisms in environments like Active Directory, an attractive target for attackers.

How does it work?

The feature allows the creation of decoy users and computers, along with appropriate DNS records, which are automatically integrated into the environment. These decoys are integrated with the Labyrinth system as reference points – the so-called “Points” – designed to mislead attackers and divert their attention away from the actual resources of the company.

Every interaction with fake objects is actively monitored. In the case of login attempts, Kerberoasting or AS-REP-roasting attacks, the system generates an immediate alert, which can be linked to existing SIEM infrastructure, enabling effective response by security teams.

The Labyrinth Deception Platform has also been enhanced with a feature that increases an organization’s digital security – Dark Web monitoring. This new functionality enables the early detection of leaks of user credentials or sensitive cookies that may have been put up for sale or leaked on underground marketplaces.

Data credential leaks to corporate resources pose one of the greatest threats to an organization’s security. Thanks to integration with the Dark Web Monitoring feature, Labyrinth enables immediate response to incidents, before they can lead to real losses or breaches of internal systems.

The Labyrinth Deception Platform also introduces the Point Attachments functionality, which involves attachments to decoy points. This allows companies to add their own files – such as database dumps or file archives – directly to decoys in a honeypot environment. This creates much more realistic and convincing decoys that more accurately mimic the organization’s actual resources. In turn, this increases the chances that attackers will target a fake point instead of the real system.

Key benefits:

• Improved attack detection – realistic decoys are more likely to attract attacker attention.
• Flexibility – companies can introduce their own data, creating decoys perfectly tailored to their IT environment.
• Better data protection – thanks to earlier detection of adversary activity, quicker action is possible before they threaten real systems.

The Labyrinth Deception Platform has undergone significant improvements for Windows OS points. The previously available Windows 10 Host point has been replaced by a range of new, configurable types of Windows operating systems – from desktop to server versions.

Why is this important?

• Better mimicry of real environments – a greater selection of system versions makes decoys more credible and more closely aligned with an organization’s infrastructure.

Version 2.2.0 is not just a set of new features – it is a real boost in security level for organizations. With the introduction of the AD Security module, companies can actively protect their Active Directory environment, detecting advanced attack techniques and effectively neutralizing them. The new Dark Web monitoring capabilities enable rapid identification of employee data leaks. Enhanced decoy point attachment mechanisms provide flexibility in creating environments that are difficult to distinguish from the actual infrastructure. Meanwhile, the new family of Windows OS points, equipped with additional services and configuration options, significantly increases the realism of traps and the effectiveness of unauthorized access detection. All of this translates into better visibility, faster incident response, and more effective threat mitigation.

As the official distributor of Labyrinth solutions, we are delighted to offer our clients technologies that not only keep pace with the evolving landscape of cyber threats but also set the direction for it. This is a platform that grows with the challenges – constantly improved, developed, and ready to meet the expectations of even the most demanding security teams. Want to learn more or test the Labyrinth Deception Platform in your environment? Feel free to contact us.