Why your organisation needs Simbotnik PDP
Reduced dwell-time equals reduced data-loss
Find Threat Actors before they breach your network.
PDP takes the most innovative concepts of ad-tech / social networks and combines them with proven HoneyPot techniques to gain greater insights than previously possible. It's the only Deception platform to fully reflect the realities of modern internet usage.
Unlike legacy Honeypot/Deception systems, it lives outside your network, acting as a first line of defense, gathering insights & intelligence on your adversary, letting you respond proactively before your network is breached.
Understand what assets are being targeted while protecting your organisation
With limited human attention at hand, your organisation needs to differentiate between script kiddies and APTs. PDP allows you to measure and quantify the intention and sophistication of the attacker earlier in the kill chain than any traditional security product, allowing you to respond proactively and appropriately. Once the attack has reached a chosen threshold of sophistication, you'll receive a near real-time Indicator feed to protect your genuine assets.
Cloud based: easy to deploy
PDP lives in the cloud and can be deployed in minutes. You decide how deeply you want to integrate it with your organisation's existing systems.
The interface is intuitive and can be used without extensive training.
PDP and all its supporting services are based in Europe (EU 🇪🇺 & Switzerland 🇨🇭), giving you peace of mind for GDPR compliance and security.
Delay, deter, deceive
Once a threat has been identified, use deception techniques to lead them down the wrong path, or deter them from continuing. Even APTs have a finite amount of time and money: you can use PDP to gain time to protect real infrastructure using gathered IOCs and Intelligence. It can also be used to gather a dossier to pursue adversaries through other channels.
How Simbotnik PDP helps implement MITRE PRE-ATT&CK & ATT&CK® frameworks
A comprehensive security plan does not begin or end at the perimeter. Adversaries' pre-compromise activities are largely executed outside the enterprise's field of view. Defenders must expand their ability to monitor and understand adversary actions outside the boundaries of their enterprise.
PRE-ATT&CK provides the ability to prevent an attack before the adversary has a chance to get in. PRE-ATT&CK answers questions such as: How should you prioritize analytics to “see” the adversary before the exploit occurs?
MITRE PRE-ATT&CK techniques that PDP can detect
PDP can help detect these and many other techniques:
- T1247: Acquire OSINT data sets and information
- T1275: Aggregate individual's digital footprint
- T1303: Analyze presence of outsourced capabilities
- T1295: Analyze social and business relationships, interests, and affiliations
- T1261: Enumerate externally facing software applications technologies, languages, and dependencies
Read the full introduction here: MITRE PRE-ATT&CK
See PRE-ATT&CK techniques for the full list of techniques.