In a recent podcast, Ovum expressed the opinion that deception technology is primarily the preserve of large enterprises with sophisticated IT security teams. While adding that deception is about to go mainstream, it also doubted that many of the companies in this market have more than 50 customers.
Deception vendor Attivo Networks, however, contacted Ovum to counter that perception, and in the spirit of full disclosure, we reproduce its arguments here together with some comment.
It says only four in 10 Attivo customers are in the enterprise segment as defined by the lists compiled by Fortune magazine (the Fortune 100, 500, 1000, and 5000). Most deception vendors say they focus on enterprise and win most of their business there. Attivo has, however, gone beyond the enterprise segment, which is clearly the exception.
Without revealing exact numbers, Attivo says its customer base is over 100 (“well into three digits”). Again, this exceeds many of its competitors, which say their customer base is in the “several dozen” range.
Attivo argues that with machine learning, it is now easy for any organization to deploy and maintain a deception infrastructure, and because alerts are engagement-based and substantiated, small teams can act with confidence, effecting remediation in a timely fashion. It cites, by way of example:
A pharma company of 30 people and no one with security in their title
A small treasury department, also of 30 people, which has deployed Attivo for detection despite having only limited IT resources
A midsize technology company with only two security people running its global network, using Attivo deception for detection authenticity and actionable alerts.
"Deception market matures as Attivo enhances operational flexibility", INT003-000114 (March 2018)
On the Radar: TrapX uses emulation to create deceptions, INT003-000029 (January 2018)
On the Radar: Attivo Networks offers deception, vulnerability assessment, and response automation, IT0022-001040 (July 2017)
On the Radar: Illusive Networks uses deception against cyber-attacks, IT0022-000923 (March 2017)
Rik Turner, Principal Analyst, Infrastructure Solutions