XcellSecure SM | Deception-as-a-Service

Improve your threat detection & response capabilities with contextual threat intelligence and predictive security.

Gain the upper hand against cyber adversaries using cyber deception technology.

Force your attacker into an alternative reality & slow them down while triggering a rapid response.

seamless deception

Understand Your Adversary

Rapidly reveal attacker lateral movements inside your network by leveraging innovative cyber protection technology, our deep expertise, and CFC threat hunting capabilities.

Performance-Friendly Protection

Our agentless solution is remotely managed and designed to avoid impacting business operations.

Track Malicious Activity

When you know where your adversaries are focusing, you can manage your business risks better.

Complete Deception

Gain comprehensive coverage with deceptions deployed across all endpoints.

Forensic Data

Collect high-fidelity forensic data from impacted endpoints.

Proper Focus

We reduce false positive alerts and enable security teams to focus on relevant threats.

Scalable Costs

Predict the cost of your operations and scale them to drive value.

Key Relationships

Illusive ransomware protects against ransomware, APT, and more.

Managed Attacker Deception - How We Engage

Phase 1: Pre-implementation

Project scope is defined, the illusive network Deception Everywhere and Management System™ are deployed and deceptions are configured to seamlessly blend into the client’s network.

Phase 2: Implementation

The illusive networks solution is integrated into the Cyber Fusion Center (CFC), the solution is fine-tuned by the MSS Implementation team, and connectivity to the client’s environment is established. The CFC’s Threat Analysis team will work closely with client contacts to ensure the solution is properly implemented and that deception profiles are customized in order to blend invisibly into the client’s environment.

Phase 3: Go-live

Service is thoroughly validated by the CFC Threat Analysis team to ensure smooth day-to-day operations and monitoring.

Phase 4: Ongoing Operations

Once the service is operational, CFC threat analysts support clients daily through several activities:

  • 24x7x365 security event triage
  • 24x7x365 health and performance monitoring of the attacker deception solution
  • Proactive threat hunting
  • Solution change and configuration management
  • Incident containment
  • Forensic data collection from impacted endpoints
  • Reporting (incidents, escalations, trends, and real-time dashboards)

key features

Deception and real-time detection

  • Network and endpoint decoys are deployed dynamically to misdirect attackers.

  • The entire network is turned into a trap using deception breadcrumbs to lure attackers.

  • Decoys and traps enable detection of threats as they move laterally across the network.

  • Provides assessment of vulnerable attack paths that an attacker takes to reach important business assets.

Mitigation and response

  • Takes a multi-vector approach for threat correlation and investigation, enabling prioritised escalation and more informed recommendations for mitigation.

  • Incident response can be automated using a playbook customised to any security environment.

  • Relevant playbook policy rules and indicators of compromise (IOC) can be configured to detect, block and hunt threats depending on the capabilities of the enterprise’s managed security device.

Monitoring and management

  • Provides 24/7 real-time monitoring with intelligence capabilities.

  • Security Information and Event Management Platform (SIEM) delivers visibility into the network and potential threats via a user-friendly customer portal.

  • Supports enterprises in security policy and configuration management.

  • Includes performance, availability and fault management with on-site hardware replacement.

Reporting and analysis

  • Collates logs across diverse platforms for a holistic view of the networking and threats landscape.

  • Provides incident reporting with context analysis for improved decision making.

  • Includes a wide range of reports from ad-hoc fault incident reports to monthly summaries for performance and availability as well as top security events.

key benefits

Active defense

Lure attackers into revealing themselves as soon as they start looking or moving laterally across your organization

Faster detection

Reduce attack detection time by accurately identifying infected clients

Better protection

Stop APTs and BOTs through real-time notification

Attack insights

Catalog all attack activity to better understand the anatomy and objective of an attack

Zero-day attack protection

Catch zero-day attacks without depending on known signatures

Rapid execution

Utilize automated attack, malware, and phishing analysis as well as credential-based vulnerability assessments

Flexible options

Consumption-based pricing
Take advantage of our unique consumption-based pricing, and choose the service that best fits your needs.

Level 1: Monitoring Service
Includes critical monitoring services and response recommendations.

Level 2: Monitoring and Management Service
Provides all of the benefits of monitoring, and includes authorized measures taken on your behalf.

Additional Professional Services
In support of monitoring and management agreements, we offer digital forensics and incident response, and product deployment services.

how it works

Accurate threat analysis

The Deception service uses technology that is deployed on real Windows® and Linux® operating systems and full network services to appear as authentic production assets and create attractive targets for attackers. To help security analysts investigate, gather evidence, and analyze malware, an attack analysis engine conducts a multi-dimensional correlation of the events on the decoy engagement servers. This process accurately identifies and attributes malicious activities to the source of the attack. Sandboxing is used to analyze malicious binary submissions or websites.

Offensive security posture

Using 3rd party technology, we deploy effective network, endpoint, and data deceptions to detect threats from all vectors. Xcellhost correlates system, application, and security event data from computers, computer networks and the above technologies. This allows us to provide the enhanced detection information needed to investigate malicious activity, and the forensic output to aid in investigation or remediation. We monitor everything and ensure that all deception and decoy technologies are optimized for an offensive security posture.

key benefits

Increases effectiveness in threat detection

  • Zero false positives because real users will never wander into the fake environment.

  • Threats such as ransomware and advanced persistent threats can be detected in real time by tracking lateral movement of malware across the network.

Adapts dynamically to a volatile threat environment

  • Through intelligent traffic monitoring, the service is able to detect what hackers are targeting.

  • Decoys are generated to obfuscate the environment and confuse the attackers.

  • Induces attackers to expend resources targeting fake assets and reveal themselves in the process.

Reduces incident response time

  • Accelerated incident handling with automation of response.

  • Response is orchestrated via a playbook tailored to the customer’s environment.

  • Sinkhole environment prevents attackers from propagating throughout the network.

Improves visibility

  • Round-the-clock monitoring and a user-friendly customer portal provide improved visibility into the network and security environment.

  • Delivers a more holistic view of threats with log collation across diverse platforms, as well as incident reporting with context analysis.

Scenario

Scenario 1: External threats

When an external attacker attempts to infiltrate the network:

  • The deception server identifies the infected endpoint by using decoys and traps to trace the attack path.
  • The IP address of the infected endpoint is pushed to the endpoint security server which blocks/quarantines the endpoint.
  • The firewall protecting the network perimeter will be updated to block subsequent incoming attacks.
  • Concurrently, the endpoint security server initiates malware hunting across the entire network.
  • Event details are also pushed to the SIEM platform, which applies machine learning to analyse the threat for incident handling/response.

Scenario 2: Insider threats

Insider threats are amongst the most difficult to counter because they are perpetrated by “trusted” internal parties. In an insider breach involving Supervisory Control and Data Acquisition (SCADA) and Industrial Automation and Control Systems (IACS):

  • The insider is able to access the IACS network, circumventing firewall protection.
  • Deception technologies detect abnormal lateral movements, indicating the presence of a threat.
  • The deception server identifies the threat and routes it to the sinkhole.
  • The SIEM platform is alerted to the threat and applies machine learning to analyse it for incident handling/response.

FREQUENTLY ASKED QUESTIONS

At times, Azure can be a very complicated platform. It can take a while to understand the entire platform comprehensively. Your IT team may need to spend hours to understand Azure completely. There is a wide range of options available for Azure deployment, which can overwhelm a first-time user. Also, the Azure platform is unmanaged.

Our Microsoft-certified experts at XcellHost will help you understand the Azure platform, guiding you with all the technical nuances that come with Azure management. We will provide server management, platform management, and instance management that includes patching, OS hardening, 24/7 monitoring, automatic backup and updates, disaster recovery etc.

In short: We take care of your Azure, so that you can take care of your main business.

Even if you purchase Azure directly from Microsoft, a lot of technical expertise is required for the setup, deployment and operation of Azure. Managing Azure is very complicated without proper support. XcellHost takes care of everything from beginning to end, leaving you completely relieved.

We are a Microsoft-certified Gold Partner with more than 14 years of experience in the industry. Many of our engineers have worked with Microsoft in the past, so you can be very sure of getting excellent value out of it. When you sign up with XcellHost, you don’t pay anything additional for the infrastructure. Your pricing remains the same as Microsoft.

Managed Azure Basic:

1. Basic 24/7 Monitoring

2. 1 Hour/Month Support

3. No OS-Related Service Monitoring

4. No I/O Monitoring Available

5. No Managed Backup Available

6. No Health Checks Available

Managed Azure Advanced:

1. Advanced 24/7 Monitoring

2. 2 Hour/Month Support

3. OS-Related Service Monitoring

4. Read/Write I/O Monitoring Available

5. Managed Backup Available

6. Health Checks Available

Note: All our plans include 24/7 support via phone, chat and e-mail.

XcellHost will be a single point of contact for all your Azure requirements. We have a dedicated team working round-the-clock to provide 24/7 support via email, phone or chat. We typically respond within an hour of a ticket being raised. Some cases that require attention from our engineers can take up to 24 hours. In very rare cases which require escalation to Microsoft, it may take a little longer.

Apart from our impressive track record in managed cloud services and round-the-clock support, we claim to have the lowest prices in the market.

We are Microsoft Partners with Gold competency for “Small and Midmarket Cloud Solutions” along with Silver competency in “Cloud Platform” and “Cloud Productivity.” With more than 10,000 installations spanning 90+ countries, XcellHost is a force to reckon with in the cloud industry.

Feel free to contact us anytime:

Email: 

Deception as a Service

Related Products & Services

Business Email

Our Business Email package comes with a storage space of 5GB per account. This is dedicated to file storage and also backs up all your mails on our state-of-the-art infrastructure, making sure you never experience a loss of mails.

Microsoft 365

Includes Office 365, Windows 10 & Enterprise Mobility + Security. Learn More Now. Trusted & Secure. Secure Cloud Service. Intelligent Security. Built For Teamwork. Achieve More Together.

E-mail Signatures

Microsoft Office 365, Exchange Server and G Suite solutions for email signatures, archiving, email utilities & more.