urlscan.io logo urlscan.io
SecurityTrails logo

www.acalvio.com Open in urlscan Pro
35.190.79.198  Public Scan

Back to summary
Submitted URL: https://mkto-ab560139.com/NDcxLU1CWi04MDMAAAGPDAJOZubevP7tD2fY9Cn8MkH6gGw92xgP57mu1o8wINaxv9FNyWL2ANs9yRQEiuB_DYFMLiE=
Effective URL: https://www.acalvio.com/solutions/honeytokens-for-crowdstrike/?utm_source=email&utm_medium=email&utm_campaign=FY23_Q4_Gl...
Submission: On November 01 via api from ES — Scanned from ES

Form analysis 0 forms found in the DOM

Text Content

 * Products
    * Products
      Platform
       * ShadowPlex Advanced Threat Defense
         
         Deception for early detection of cyber threats with precision and speed
      
       * ShadowPlex Identity Protection
         
         Visibility, management and protection of identity stores and attack
         paths
      
       * Acalvio Active Defense Platform
         
         Comprehensive and Award-winning Distributed Deception Platform
      
       * What is Active Defense?
         
         Active defense detects and diverts attacks.
      
       * Why do I need Acalvio Active Defense?
         
         Active Defense deceives and disrupts attackers.

 * Solutions
    * Technology Solutions
      Industry Solutions
       * Breach Detection
         
         Active Defense for breach detection and response, both in on-premises
         and cloud workloads
      
       * Identity Threat Detection & Response
         
         Visibility into Identity attack surface and effective detect & respond
         solution for identity attacks
      
       * OT / ICS Security
         
         Passive and low-risk agentless solution that is easy to deploy
      
       * Active Directory Protection
         
         Visibility into AD attack surfaces and detection of AD Attacks
      
       * Threat Hunting
         
         Active threat hunting, based on targeted deception, to confirm hunting
         hypothesis
      
       * Ransomware
         
         AI-Driven Advanced Deception Technology to combat even zero-day
         Ransomware
      
       * Honeytokens for CrowdStrike
         
         Honeytokens are deceptive credentials and data that are embedded in
         legitimate assets
      
       * Public Sector
         
         Targeted solution for protecting Federal agencies in conformation with
         NIST and CISA recommendations

 * Resources
    * Blog
    * Events
    * In the News
    * Press Releases
    * Analyst Reports
    * Solution Briefs
   
    * E-Books
    * Webinars
    * White Papers
    * Case Studies
    * Glossary

 * Partners
    * Strategic Partners
    * Technology Partners

 * Company
    * About Us
    * Executive Team
    * Board of Directors
    * Investors
    * Contact

 * Products
   * Products
     * ShadowPlex Advanced Threat Defense
     * ShadowPlex Identity Protection
   * Platform
     * Acalvio Active Defense Platform
     * What is Active Defense?
     * Why do I need Acalvio Active Defense?
 * Solutions
   * Technology Solutions
     * Breach Detection
     * Identity Threat Detection & Response
     * OT / ICS Security
     * Active Directory Protection
     * Threat Hunting
     * Ransomware
     * Honeytokens for CrowdStrike
   * Industry Solutions
     * Public Sector
 * Resources
   * Blog
   * Events
   * In the News
   * Press Releases
   * Analyst Reports
   * Solution Briefs
   * E-Books
   * Webinars
   * White Papers
   * Case Studies
   * Glossary
 * Partners
   * Strategic Partners
   * Technology Partners
 * Company
   * About Us
   * Executive Team
   * Board of Directors
   * Investors
   * Contact

SCHEDULE A DEMO


HONEYTOKEN ACCOUNTS AND HONEYTOKENS FOR CROWDSTRIKE FALCON® IDENTITY PROTECTION

Watch Overview
SolutionsHoneytoken Accounts and Honeytokens for CrowdStrike Falcon® Identity
Protection

Identity threats are involved in 80% of all cyberattacks, according to the
CrowdStrike 2023 Global Threat Report. These are serious threats that compromise
corporate and personal information and put organizations at grave risk.
Sophisticated attackers like APTs and ransomware actors typically start their
campaign with an attack on identities. Attackers can exploit identities on
endpoints, applications, and identity stores.

An identity threat is difficult to detect with traditional cybersecurity
approaches.


WHY ARE HONEYTOKEN ACCOUNTS AND HONEYTOKENS IMPORTANT?

Existing security controls are not sufficient to protect enterprises from
identity compromise. Attackers target identities of privileged users (such as
Helpdesk Admins, and Domain Admin accounts), as well as machine or service
accounts. Service accounts represent a significant attack surface as they cannot
be easily secured using existing prevention-based security mechanisms. These
credentials cannot be protected using MFA techniques, giving the attacker
opportunities for Lateral Movement and Privilege Escalation.

Deception technology is a novel way of detecting identity threats with high
fidelity. Acalvio ShadowPlex honeytoken accounts and honeytokens are
purpose-built deceptions that offer a new layer in the Defense-in-Depth offering
for Identity Protection – for all credential and account types.




ABOUT HONEYTOKEN ACCOUNTS AND HONEYTOKENS

Honeytoken accounts are deceptive user accounts, service accounts, and
application identities created in Active Directory (AD). They are specifically
designed to lure attackers away from critical resources. Honeytokens are
deceptive credentials and data that are embedded in legitimate assets such as
Falcon-managed endpoints and cloud workloads. Together, they are extremely
effective at detecting identity threats.

CrowdStrike Falcon® Identity Protection has in-built support for monitoring
honeytoken accounts and a policy-based identity threat containment and response
mechanism. Any access or alterations of honeytoken accounts trigger a dedicated
high-fidelity detection, giving SOC analysts visibility into the detailed
insights and adversary attack path.


BENEFITS OF HONEYTOKEN ACCOUNTS AND HONEYTOKENS FOR IDENTITY PROTECTION

In a recent publication by CrowdStrike on Identity Security Innovations, the new
Honeytokens capability is highlighted as a key capability for Identity
Protection.

As covered in the blog, Identity-driven attacks are extremely hard to detect
with traditional approaches. When a valid user’s credentials have been
compromised and an adversary is masquerading as that user, it’s often very
difficult to differentiate between the user’s typical behavior and that of the
hacker using traditional security measures and tools.

Advanced Identity attack techniques are stealthy and do not leave any evidence
on the AD logs or on existing security controls. They use well-established
authentication protocols that are difficult to distinguish through AD login
interception or authentication protocol interception approaches.



Deception has been widely recognized by leading AD researchers and AD experts as
a powerful mechanism for the detection of identity threats. (ref: Active
Directory Security).

Acalvio Honeytoken Accounts and Honeytokens are designed to detect even zero-day
threats and are the perfect solutions to deploy in zero-trust environments for
Identity Protection.


OPERATIONALIZING HONEYTOKEN ACCOUNTS AND HONEYTOKENS

For effective utilization of Honeytoken Accounts and Honeytokens, there are
several factors to consider during the creation and deployment phase. Manually
defining these would be cumbersome and challenging to make them attractive and
effective.

Acalvio’s proven expertise in Advanced Deception Technology helps CrowdStrike
Identity customers to operationalize this capability by automating the design,
definition, and deployment of effective Honeytoken Accounts and Honeytokens.




ACALVIO HELPS CROWDSTRIKE IDENTITY PROTECTION CUSTOMERS OPERATIONALIZE
HONEYTOKEN ACCOUNTS & HONEYTOKENS

 * Domain selection for deploying Honeytoken Accounts & Honeytokens
 * Automated Al-driven recommendation of Honeytoken Accounts
 * Appropriate count of Honeytoken Accounts per Domain
 * Honeytoken Account Types & Variety
 * Honeytoken Account Attributes
 * Automated creation & Deployment of Honeytokens
 * Wide variety of Honeytokens
 * Designed to be hidden from legitimate users
 * Visible to attackers via tools & scripts
 * Blended based on endpoint characteristics


SEAMLESS INTEGRATION: ACALVIO SHADOWPLEX AND CROWDSTRIKE FALCON® IDENTITY
PROTECTION

Acalvio ShadowPlex is pre-integrated with CrowdStrike Falcon® that provides
immediate value:

 * Acalvio’s integration with CrowdStrike Identity Protection is powered by the
   Acalvio SaaS Service
 * No software installation on the enterprise network
 * Scalable architecture protects multiple Active Directory Domains & thousands
   of endpoints
 * Single console solution – managed using the CrowdStrike Falcon® console
 * Administrators can control the variety and count of Honeytoken Accounts &
   Honeytokens.




FAQS




WHAT ARE HONEYTOKEN ACCOUNTS AND HONEYTOKENS?

Honeytoken accounts are deceptive accounts (representing human and service
accounts, and application identities) created in the Active Directory (AD), that
are specifically designed to blend into the domain.
Honeytokens are deceptive credentials and data that are embedded in legitimate
assets such as OS caches, application configuration files, Windows registry
entries, Falcon-managed endpoints, and cloud workloads. Any usage or
manipulation of these deception artifacts is a very reliable indicator of an
identity threat.


WHY DO I NEED HONEYTOKEN CYBERSECURITY WITH CROWDSTRIKE FALCON® IDENTITY
PROTECTION?

Acalvio ShadowPlex Honeytoken accounts and Honeytokens for CrowdStrike Falcon®
Identity Protection are based on Deception Technology and provide a new layer in
the Defense-in-Depth offering for identity protection. They are a class of
Deception Technology techniques that are proven to be extremely powerful and
efficient in detecting a variety of identity threats.

Acalvio ShadowPlex leverages the Falcon® Identity Protection Honey Account
monitoring and containment policy to provide a scalable and effective
deception-based identity threat detection solution.


WHAT MAKES HONEYTOKENS AND HONEYTOKEN ACCOUNTS BY ACALVIO UNIQUE?

Honeytoken accounts and Honeytokens are unique, attractive and are carefully
designed. They are invisible to normal users, but visible through the lens of
attacker tools.

ShadowPlex gives honeytoken accounts properties that are like the properties of
existing accounts in Active Directory. In other words, when a honeytoken account
is created in Active Directory, its properties would enable it to blend with the
existing accounts in Active Directory. At the same time, ShadowPlex also gives a
honeytoken account properties that make it look attractive to an adversary.

Manually creating honeytoken accounts and honeytokens is a laborious process,
and it is extremely challenging to make them attractive to attackers.


HOW ARE ACALVIO SHADOWPLEX AND CROWDSTRIKE FALCON® INTEGRATED?

The Honeytoken fulfillment capability from Acalvio is completely automated,
pre-integrated into the Falcon® platform, and does not require any additional
Acalvio software to be installed. Acalvio provides a single console solution to
CrowdStrike Falcon® customers.






NEXT STEPS

Explore our patented technologies to enable Active Defense and Identity Security
in your enterprise.

SCHEDULE A DEMO
 * Products
    * ShadowPlex Advanced Threat Defense
    * ShadowPlex Identity Protection
    * Platform
    * Acalvio Active Defense Platform
    * What is Active Defense?
    * Why do I need Acalvio Active Defense?

 * Solutions
    * Technology Solutions
    * Breach Detection
    * Identity Threat Detection & Response
    * OT / ICS Security
    * Active Directory Protection
    * Threat Hunting
    * Ransomware Protection
    * Honeytokens for CrowdStrike
   
    * Industry Solutions
    * Public Sector

 * Resources
 * Blog
 * Events
 * In the News
 * Press Releases
 * Analyst Reports
 * Solution Briefs
 * E-Books
 * Webinars
 * White Papers
 * Case Studies
 * Glossary

 * Partners
 * Strategic Partners
 * Technology Partners

 * Company
 * About Us
 * Executive Team
 * Board Of Directors
 * Investors
 * Contact Us

Acalvio, the leader in cyber deception technology, helps enterprises actively
defend against advanced security threats. Acalvio Active Defense Platform, built
on 25 issued patents in autonomous deception and advanced AI, provides robust
solutions for Identity Threat Detection and Response (ITDR), Advanced Threat
Detection for IT and OT networks, Zero Trust, Active Directory Protection and
Ransomware Protection. The Silicon Valley-based company’s solutions serve
Fortune 500 enterprises, government agencies and are available to deploy from
the Cloud, on-premises or via marquee managed service providers.

Follow Us

 * facebook
 * twitter
 * linkedin

© Acalvio Technologies, Inc. All rights reserved.

 * Privacy Policy
 * Trademarks
 * Eula
 * Sitemap

Schedule a demo
 * Facebook
 * Twitter
 * Linkedin
   


Loading...

 * Products
   * Products
   * Products
     * Products
     * ShadowPlex Advanced Threat Defense
     * ShadowPlex Identity Protection
   * Platform
     * Platform
     * Acalvio Active Defense Platform
     * What is Active Defense?
     * Why do I need Acalvio Active Defense?
 * Solutions
   * Solutions
   * Technology Solutions
     * Technology Solutions
     * Breach Detection
     * Identity Threat Detection & Response
     * OT / ICS Security
     * Active Directory Protection
     * Threat Hunting
     * Ransomware
     * Honeytokens for CrowdStrike
   * Industry Solutions
     * Industry Solutions
     * Public Sector
 * Resources
   * Resources
   * Blog
   * Events
   * In the News
   * Press Releases
   * Analyst Reports
   * Solution Briefs
   * E-Books
   * Webinars
   * White Papers
   * Case Studies
   * Glossary
 * Partners
   * Partners
   * Strategic Partners
   * Technology Partners
 * Company
   * Company
   * About Us
   * Executive Team
   * Board of Directors
   * Investors
   * Contact