Helps change the rules of the game in favor of IT security professionals: now attackers must do everything right in 100% of cases, and IT security professionals need to wait for just one mistake to stop them.Request a demo
The Labyrinth solution was developed by a team of experienced researchers and engineers in the field of cybersecurity. Based on unique threat detection technologies, this Deception class solution gives attackers the illusion of real vulnerabilities in the IT infrastructure. Based on so-called Points, intelligent simulation hosts, each component of the imaginary environment reproduces the services and content of real network segments. Labyrinth provokes attackers to attack by tracking and studying their actions to improve security. The product's functionality provides the most powerful capabilities for detecting targeted attacks (APTs), botnets, zero-day attacks, and insiders.
Labyrinth Map covers many automated ways to forge data based on network environment information and regular updates from the Labyrinth Technologies team. This provides companies with a powerful tool for developing their own unique data forgery platform based on their specific needs and global best practices.
- Seeder agents deployed on servers and workstations mimic the most attractive artifacts for an attacker. Keeping the attackers in sight, the agent directs them to Point.
- Each Point simulates content and services that are relevant to their segments of the environment. Advanced features provide the ability to dynamically build new paths in Labyrinth. Point keeps the attacker inside Labyrinth while all information about the attacker is collected.
- All accumulated data is sent to the management console for analysis. The console informs the security team and sends the required data to the incident response platform.
- IR (Incident Response) compares metadata with external databases and responds quickly to incidents through third-party integrations that automate isolation, blocking, and threat detection.
Points in Labyrinth not only emulate the most attractive vulnerabilities for an attacker, but also behave like real hosts. Depending on the type, they can send broadcast requests, change IP addresses and connect to news sites.
Early detection of network threats
Labyrinth detects any targeted suspicious activity at an early stage of the attack. Points in Labyrinth are designed to detect threats at a stage when an attacker is trying to explore the network and find a suitable target. After it attacks Point, the Labyrinth system collects details about the attacker: the sources of threats used, the tools, and the vulnerabilities exploited. At the same time, all real devices and services of the network continue to work without any problems.
Early detection of network threats
Labyrinth provides teams of information security professionals with highly informative alerts in which the share of false positives is less than 1%. According to the algorithm, Points do not show activity (except for some types of Points that emulate workstations) until no one tries to interact with them. According to the rules, no one should contact them, so any interaction with Point is suspicious. This distinguishes Labyrinth from cybersecurity solutions, which are designed to analyze all actions on the network, resulting in a huge amount of digital "noise".
Rapid response to incidents
Labyrinth provides an intelligent analytical tool for incident investigation and threat identification. All collected events are supplemented by the necessary safety data from the incident response platform. The compromise indicators (IoC) generated by Labyrinth are automatically synchronized with threat prevention decisions. This allows you to immediately take the necessary measures in the event of an attack: be aware of it, conduct an analysis, confidently respond to the attack and improve protection in the future.
Most detection technologies stop an attack once it is detected and do not allow you to study it in detail. At the same time, important information that helps to eliminate the attack and prevents its return is lost. Labyrinth allows you to learn more about the nature of the attack and better understand the tools and techniques used by attackers. The solution generates and installs fake artifacts, the purpose of which is to lure intruders with bait. Instead of just waiting for the attackers to take the next step, the artifacts send them to an isolated environment for observation.
Detection of targeted attacks
To effectively counter targeted attacks, it is critical to understand the methods, tools, and goals of attackers. The Labyrinth Deception Platform entices hackers or attackers, giving them a false sense of security, allowing them to learn their skills and motives. Information about what the attackers know about the network, software applications and employees of the company helps to create the most accurate profile of attackers and find the best possible ways to protect against them. It also shows the weaknesses of corporate security systems that could be used by attackers in the future.
The Labyrinth Deception Platform solution can serve as a highly reliable alert system for attacks that have bypassed perimeter security controls. Seeder agents deployed on servers and workstations mimic the most attractive artifacts for an attacker. What looks like a privileged and poorly protected administrator account is in fact a trap that lures an attacker into Labyrinth. There you can monitor the actions of an attacker who interacts with Point, collecting valuable information about the threats that have overcome the protection of the perimeter.
Labyrinth is a Ukrainian team of cybersecurity and pentester engineers specializing in developing solutions in the segment of early detection and prevention of cyber threats. Each member of the Labyrinth team has over 10 years of experience in developing and implementing cybersecurity projects.
A demo version of the software is provided in the name of the company and the specific person who fills out the form. To generate an access key, you have to enter valid information and fill in all fields of the form.