What are our data sources?
We use the data sources on the side for ranking solutions and awarding badges in deception tech software category. Our data sources in deception tech software category include;
While traditional data security measures such as logging, rejecting and quarantining intrusions protect data in the short term, skilled adversaries can learn to overcome these measures over time. Deception tech relies on deception to automatically identify attackers and try to make them waste resources and reveal their identity. This provides security professionals valuable time to deal with intrusions
If you’d like to learn about the ecosystem consisting of Deception Tech Software and others, feel free to check AIMultiple Cybersecurity.
AIMultiple is data driven. Evaluate 18 services based on
comprehensive, transparent and objective AIMultiple scores.
For any of our scores, click the information icon to learn how it is
calculated based on objective data.
*Products with visit website buttons are sponsored
We use the data sources on the side for ranking solutions and awarding badges in deception tech software category. Our data sources in deception tech software category include;
review websites
social media websites
search engine data for branded queries
According to the weighted combination of 7 data sources
Symantec Endpoint Protection
LogRhythm
GuardiCore
Rapid7
CounterCraft
Taking into account the latest metrics outlined below, these are the current deception tech software market leaders. Market leaders are not the overall leaders since market leadership doesn’t take into account growth rate.
Symantec Endpoint Protection
LogRhythm
GuardiCore
Rapid7
CounterCraft
These are the number of queries on search engines which include the brand name of the solution. Compared to other Cybersecurity categories, Deception Tech Software is more concentrated in terms of top 3 companies’ share of search queries. Top 3 companies receive 86%, 3% more than the average of search queries in this area.
26,690 employees work for a typical company in this solution category which is 26,669 more than the number of employees for a typical company in the average solution category.
In most cases, companies need at least 10 employees to serve other businesses with a proven tech product or service. 2 companies with >10 employees are offering deception tech software. Top 3 products are developed by companies with a total of 20k employees. The largest company building deception tech software is Symantec with more than 20,000 employees.
Taking into account the latest metrics outlined below, these are the fastest growing solutions:
LogRhythm
GuardiCore
Symantec Endpoint Protection
Rapid7
CounterCraft
We have analyzed reviews published in the last months. These were published in 4 review platforms as well as vendor websites where the vendor had provided a testimonial from a client whom we could connect to a real person.
These solutions have the best combination of high ratings from reviews and number of reviews when we take into account all their recent reviews.
According to customer reviews, most common company size for deception tech software customers is 51-1,000 employees. Customers with 51-1,000 employees make up 43% of deception tech software customers. For an average Cybersecurity solution, customers with 51-1,000 employees make up 38% of total customers.
These scores are the average scores collected from customer reviews for all Deception Tech Software. Deception Tech Software is most positively evaluated in terms of "Overall" but falls behind in "Ease of Use".
As the very name of the technology implies, the deception trap must be able to deceive the attacker by mimicking real networks, servers, user data etc.
Triggering an attack alert is not enough, it should be able to provide details about the attacker. The software must be able to provide a `photograph` of the attacker so that necessary security actions can be taken. Finally, it should be easily manageable such as integration to existing security management issues. Otherwise, its management becomes a burden for the cyber security personnel.
Almost every industry can benefit from deception technology software. Typical usage areas of deception technology include financial services, healthcare services and retail where there is a significant of personal data.
In financial services typical use cases are:
In healthcare typical use cases are:
In retail typical use cases are:
Additional developing uses cases include smart home and IoT applications, where devices are not protected by a corporate firewall.
Deception software is installed with the aim of detecting cyberattacks that managed to pass through preventive cyber security tools such as firewalls.
Basic requirement is ability to detect and report the attack very quickly and in detail, so that the necessary actions can be taken promptly. Also, as attacks get more and more sophisticated, the software must be dynamically updated by the vendor. This must be a standard feature in the purchase package. It is also important to have sector-specific applications.
Before purchase, a test and trial period is highly recommended. During this period, number and seriousness of the breaches detected must be observed. It is also necessary to compare potential damage of these breaches versus setup and maintenance cost of the deception software.
Detection software is a `defense in the depth` tool against cyberattacks. Also, it is very `efficient` since it gives alerts when there is certainly an infiltrated attack. It brings operational burden only when there is a real problem to deal with.
Deception tech detects intruders, therefore it creates more actionable alerts than alerts of security tools such as firewalls.
Typical firewall security measures try to detect the attackers while they attempt to breach the network attack surface. Detection software activates after the breach occurs. Since they deal with end points, firewalls generate many alerts since normal network usage can be mistaken as attempts to breach the network. Major enterprises might have millions of alerts every day. On the other hand, detection software generates an alert when there is certainly a breach. Thus, it triggers a specific action for the cyber security personnel.
Deception technology software is not designed to be a first-line defense against cyberattacks. Its aim is not to avoid infiltrations. Rather, it does its job when there is an infiltration and attackers start to roam in the attacked system. It is not a stand-alone cyber security solution; it complements the existing prevention tools.
Work of deception technology begins after a cyberattack manages to infiltrate a network. The technology generates `traps` that mimics real technology assets, networks etc. These traps are designed to trick the attacker that s/he has discovered a way to access and steal information. When the attacker starts to interact with this trap, deception technology software informs a central a deception server or general cyber security server about the attack.
Interest in deception software is increasing constantly. Currently, several Forbes 1000 firms from financial services, healthcare and utility industries as well as governmental institutions use deception tools. The technology is also gaining traction in smaller size firms. Its importance is increasing as an essential item in the cyber security arsenal. According to a research firm Technavio's report, deception technology software market will grow 9% annually and reach $1.3 billion in 2020.
Although firewalls getting better every day, attackers always find a way to infiltrate the systems. Recent examples show that attacks become more sophisticated. In 2018, cyberattacks exposed 2.8 billion user records and cost businesses $654 billion in the USA alone. There is no practical way to achieve zero infiltration. Once the attacker breaches the defenses, it can roam freely in the network for several days. According to cybersecurity firm FireEye, average dwell time is a staggering 99 days.
Thus, it is necessary to detect successful attackers once they start to roam in your network. Detection software complements typical firewall solutions in this sense.