Cyber Deception is a strategy used to attract cyber criminals away from an enterprise’s true assets and divert them to a monitored decoy.
In version 6.0 of AC-Hunter, we added a Cyber Deception module. This module allows for the creation and monitoring of two types of canary tokens. File-access tokens will generate an alert when a designated file has been accessed. User-access tokens will generate an alert when an authentication attempt is made against a monitored user, or a Kerberos ticket is requested for that user.
In this webcast, AC-Hunter developer Logan Lembke will explain why we added this module to AC-Hunter and show you how it works.
Join our Threat Hunter Community Discord Server to join in on the conversation during and after the webcast: https://discord.gg/threathunter