Home Labyrinth Labyrinth Deception Platform

Labyrinth Deception Platform

The Labyrinth Platform provides attackers with the illusion of real infrastructure vulnerabilities.
The solution is based on so-called “Points” – decoys that mimic real infrastructure. Each component of the deception environment replicates the services and content of a genuine IT/OT network segment, enticing attackers to take action. The entire attack detection and monitoring process occurs in a way that protects the real IT/OT network.

Order a free demo

ABOUT THE SOLUTION

The Labyrinth solution was developed by a team of experienced cybersecurity researchers and engineers. Based on unique deception technologies, it gives attackers the illusion of real vulnerabilities in IT infrastructure. Through so-called Points, intelligent simulation hosts, each component of the imaginary environment mimics the services and content of real network segments.

Labyrinth provokes the attacker to act while simultaneously learning suspicious activity. Experienced specialists help construct the best “labyrinth” for complex environments. Its features provide advanced capabilities for detecting targeted attacks, BOTNETs, 0-day attacks, and malicious internal users.

Points mimic special software services, content, routers, IoT devices, etc. Each point detects all targeted and suspicious activities. While the cybercriminal traverses the false infrastructure of their target attack, the Labyrinth platform captures all the details of their actions.

This way, the organization receives information about threat sources, tools used, as well as the vulnerabilities exploited and attacker’s activities. Meanwhile, the actual infrastructure continues to operate without any impact on its performance.

All information collected by Labyrinth is sent to the Management Console for analysis, after which necessary data is sent to the incident response platform. The incident response platform in turn checks the metadata with external databases and accelerates incident response through integrations with third-party solutions that automate isolation, blocking, and threat search.

FEATURES

Labyrinth detects all targeted suspicious actions in the early stages of an attack.

Points in Labyrinth are designed to identify threats at the stage when the attacker explores the network and searches for an appropriate target. Once a Point is attacked, the Labyrinth system gathers detailed information about the intruder: threat sources, tools used, and vulnerabilities exploited. Meanwhile, all real devices and services in the network operate without disruption.

To effectively counter targeted attacks, it is crucial to understand the methods, tools, and goals of attackers. The Labyrinth Deception Platform lures hackers, giving them a false sense of security, allowing for the analysis of their skills and motives.

Information about what attackers know about the network, applications, and company employees helps create a precise attacker profile and develop effective defense strategies. Additionally, they reveal vulnerabilities in security systems that could be exploited in the future.

During the lateral movement phase, an attacker moves around the company’s network from one asset to another. Labyrinth is designed for early detection of the attacker’s presence, credential theft, and internal movement. The platform allows companies to perceive such threats in the early stages, which is not an easy task using traditional security solutions.

The Labyrinth detection mechanism is particularly effective in reducing detection time (known as dwell time), which is a key condition for a successful attack. Labyrinth reduces the attacker’s ability to move through the company’s networks, stopping them before reaching key assets and services.

Labyrinth provides an intelligent analytical tool for investigating incidents and identifying threats. All collected events are enriched with necessary security data from the incident response platform.

Indicators of compromise (IoCs) generated by Labyrinth are automatically synchronized with threat prevention systems. This allows for immediate appropriate actions to be taken in case of an attack: detection, analysis, rapid response, and optimization for future protection.

The Labyrinth Deception Platform can act as a highly reliable alarm system for attacks that bypassed traditional perimeter security.

Seeder agents deployed on servers and workstations mimic the most attractive artifacts to an attacker. What appears to be a privileged and poorly secured administrator account is actually a trap leading to Labyrinth.

The solution allows monitoring the actions of an attacker interacting with a Point and collecting valuable information about threats that managed to bypass security.

No large infrastructure needs

Does not require collecting enormous amounts of data. The system collects only data related to security incidents and does not impact the productivity of IT/OT network resources.

No excess alerts

The solution does not generate “digital noise” and exhibits an extremely low false alarm rate, ensuring full visibility of the attack in real-time.

No specialist knowledge required

Installation and configuration of the solution are extremely simple, and its use does not require special skills. The platform offers automated detection and response.

Experience the advantages of our solutions firsthand!

The demo version of the software is provided in the name of the company and the individual filling out the form. To generate an access key, it is necessary to enter accurate information and complete all form fields.

Please check your full name - it must be valid. Please check company - it must be valid. Please check job title - it must be valid. Please provide the corporate email address of your company/enterprise.

Please check the phone number - it must be valid.

Please choose a product.

Please pass the captcha.

The Labyrinth Platform detects and responds to hacking activities, protecting key resources from takeover