Uses malware's defenses against it
Shaping attackers decision making
Deceptive Bytes provides an innovative solution against threats in enterprises’ most critical and exposed assets, their endpoints!
The solution is a fully endpoint-centric deception platform that creates dynamic & deceptive information, responds to the evolving nature of advanced threat landscape and interferes with attackers attempts to recon the environment that deters them from executing their malicious intents, through all the stages of compromise in the Attack Kill Chain – covering advanced & sophisticated malware techniques, constantly making sure all the endpoints & data in the enterprise are secured in several ways…
Making malware believe it’s in an unattractive/hostile environment to attack, reducing its motivation and the chance of infection, e.g. by creating a sandbox/VM environment which deter malware.
Actively responding to threats as they evolve, changing the outcome of the attack through all the stages of the Endpoint Kill Chain, e.g. by deceiving and stopping Ransomware, thinking it succeeded encrypting the files as the solution safeguards them.
Prevent never-seen-before cyber-attacks
One user-mode process to prevent all types of threats
Operates when needed, no scans means no unnecessary CPU usage
Only necessary memory is used which lowers memory consumption
Free of threats database means no unnecessary disk space is used
Using malware defenses insures high prevention rate
Providing multi-stage protection through the Endpoint Kill Chain
The deception based solution uses common defenses malware uses against it and prevents threats without using signatures, patterns or prior knowledge.
More than 98% of all malware use evasion techniques. Deploying these techniques against malware helps increase prevention & detection rates substantially.
The solution identifies malicious behavior during execution even if no evasion technique was used, thus detecting & stopping threats in real time.
Since the solution doesn’t scan everything, its footprint is extremely low and it doesn’t impact user experience.
Uses <0.01% of CPU, <20MB of memory.
The solution doesn’t need to scan everything, it only handles unknown processes.
The thin agent (<1.5MB) deploys in seconds and operates immediately without rebooting.
The solution doesn’t need to be updated frequently since it uses common techniques malware uses which don’t update often.
No constant updates means that the solution can operate in air-gapped, isolated environments or by remote employees - keeping the endpoint secure.
Integrating 1 evasion technique can potentially stop millions of threats that use the same technique, even future ones.
The thin agent operates in user-mode, meaning it can’t cause system failure or used as a point of entry for potential attackers & gain full access to the OS.
Making sure your environment is running smoothly, the solution automatically approves OS processes and other security solutions.
The solution creates various environments/tools against malicious behaviors, triggering high-fidelity alerts and reducing the F/P rate close to none.
One agent to protect IT all
Stop malware in Its tracks
Windows Defender & Firewall
It’s not just a deception platform, it’s an EPP with EDR-like capabilities when integrated to Windows Defender & Firewall, giving defenders extra security layers to protect their endpoints without the added complexity, costs or burden.
Deceptive Bytes’ platform controls Defender & Firewall on one hand and get threat notifications on the other, giving full visibility when connected.
The integration supports Windows 7 SP1 and above, Windows 2008 R2 and above, giving IT/Security teams the peace of mind when managing old operating systems.