Loading
On June 21-22, 2023, Labyrinth had the pleasure of participating in the first edition of the Incident Busters Forum event in Warsaw, where there were lectures, discussions, a decision-making game, workshops and an evening networking event.
The conference was addressed to security managers, experts specializing in Threat Hunting, Threat Intelligence, Incident and Response Management as well as SOC effectiveness and organization, as well as people dealing with aspects related to people working in cybersecurity.
On the first day, Labyrinth specialists introduced participants to the Labyrinth Deception Platform at the exhibit booth, presenting the solution's interface, prepared decoys for various services and applications, and customer implementation examples.
On the second day, our experts Anastasiia Dorosh and Vladyslav Zakhozhai held an outstanding webinar, which included seven practical case demonstrations regarding Deception-based detection in IT and OT infrastructures. Attending the workshop provided a unique opportunity to gain practical experience in deception-based detection. This hands-on approach can improve attendees' cybersecurity skills and understanding of how attackers operate. Ultimately, the knowledge gained from this workshop can help organizations improve their security and better defend against cyber threats.
According to Cybersecurity Ventures, the projected growth rate for global cybercrime costs is estimated to be 15 percent per year over the next five years. By 2025, it is expected to reach an annual cost of $10.5 trillion, compared to $3 trillion in 2015.
Deception involves employing decoys or fabricated information to mislead cyber attackers. Doing so redirects their attention away from genuine assets, leading to the squandering of their resources while enabling the detection of their presence and tactics.
Labyrinth Deception Platform simulates a broad range of real services (mail, web applications, etc.). Additionally, the system mimics the user’s network connectivity and all kinds of decoys (files, links, ssh keys, etc.), to increase the probability of an attacker getting into simulated services.
To protect SCADA/OT infrastructure, new Point types have been developed that can emulate Web PLC interfaces and Siemens S7COMM, SNMP, Modbus protocols. For IoT protection a MQTT server imitation has also been added.
The event was attended by more than 100 participants like analysts, team leaders, SOC and CERT team managers, security architects, IT directors and the event itself was highly appreciated by them.
Photo report from the Incident Busters Forum below.
