Shadow
Identity Threat Detection and Response
Proofpoint Shadow uses modern deception technology to stop attackers before they know it.
If you’re using traditional signatures or behavioural analysis as methods for detection, your security team can be overwhelmed with false positives or alert fatigue. To consistently detect modern attacks, you need deceptive technology techniques that give you high-fidelity detection of privilege escalations and lateral movement. Unlike traditional approaches, Proofpoint Shadow uses agentless methods to actively engage attackers in your production environment for the sole purpose of detecting their existence.
Features and Benefits
Stop attackers from moving laterally by transforming every endpoint into a web of deception
Agentless detection and protection
With Shadow, you get a unique agentless approach that benefits both your IT administrators and security teams. Built on intelligent automation, it’s designed to have a light operational footprint to minimise the impact on IT. And it can’t be disabled or circumvented by attackers like other agent-based solutions.
Getting started with Proofpoint Shadow
Over 75 deception techniques
Use active deception techniques to imitate credentials, connections, data, systems and other artifacts that appear useful to the attacker. This helps you ensure early detection of both insiders and external attackers—no matter where compromise begins.
Automated deception
The Shadow intelligent automation system provides you with a highly authentic deception environment that scales and adapts over time. And it’s one that requires very little human effort. Shadow analyses the endpoint landscape and designs tailored deceptions for each machine. It then deploys them through a one-click process, and manages the ongoing process of adjusting and managing deceptions over time.
A view from the attacker’s perspective
With the Shadow management console, you can see how close attackers are to critical assets, and you get a full timeline of attacker activity once deceptions are engaged. You can also see how attackers perceive the deceptive data, and much more intelligence on attacker activity.
Deceptive Microsoft 365 Beacon Files
With Shadow, you can automate the creation and customisation of hundreds of thousands of deceptive Microsoft Word and Excel documents. These documents are indistinguishable from the genuine article, right down to the usage of company logos and letterhead. And these seemingly real documents can be loaded with fake data that sets off an alert as soon as an attacker tries to use the information to gain access.