Main -
Solution
Solution
Xello Deception - ultimate protection of corporate networks
against targeted APT attacks
Xello Deception
Xello Deception Platform – a simulated corporate network where the intruders will reveal their objectives.
The technology creates decoys and traps in the form of user credentials, servers, services and sites. This actively lures the attacker into a dense network of false data. The solution takes effect after the “traditional” means of protecting the corporate network have been bypassed, but before the attackers have reached their target.
Download Whitepaper
Dexem - an AI driven patented technology
Effective even after the perimeter protection is bypassed
Reduces the time from the moment of intrusion to the moment of detection
Detection of targeted APT attacks in real time
Xello Deception Platform detects the attack
and deceives the attacker
Using artificial intelligence, Dexem's patented technology makes the decoys as realistic as possible and identical to the existing assets of the corporate network, driving the attacker into set of traps.
Xello Deception Platform
Xello Endpoint Deception Module
Collects forensics in an agentless way and distributes the decoys. Mimics real hosts as a network of decoys and traps
FullOS TRAP module
A trap server with full access to the operating system. Completely copies real production servers and turns them into trap servers
Xello Management Center Module
Automates and manages all fake layer through a single server. Integrates with all related systems: Active Directory, DNS, SIEM, Email, etc.
Event Collector Module
Collects and processes events from all sources of the platform and related systems for instant incident response
Xello Deception Platform
Xello Deception integrates as an additional layer of protection and enforces traditional security technologies such as antivirus, sandbox or NGFW.
Decoys tailor-made for your network
Analysis of existing information assets: servers, databases, accounts in the corporate network and generation of similar names
The decoy database will not fall
into the hands of intruders
Our decoy database will never be sold on the darknet, because it does not exist until it is integrated into your network. Created exclusively for your network, it can only be reproduced in your network
Adapted decoy
context
Algorithms for generating decoys and traps adapted to specific industries
Agentless way of distribution
and management
No host agent to place traps and maintain communication with the management server, thus it is impossible for an attacker to detect the solution
Cleaning absolutely all traces
of work
All information about decoys distributed over the network is stored in the system; when deleted, there is no impact on the infrastructure
Integration with SIEM
systems
Response and monitoring can be made more efficient by integrating Xello Deception with a SIEM system. The platform guarantees a low false positive, which saves SOC resources
Frequently Asked Questions
How long will it take to implement the Xello Deception Platform?
Platform implementation takes between a week and a month. Installation requires two virtual machines with Windows Server 2016 or later.
Is Deception technology a honeypot?
The main goal of Deception is to detect an attacker long before he gets close to his target. While the honeypot serves to study the actions of the attacker. Our solution also uses honeypots, but this is only one of the components of the platform. The Xello Deception Platform uses a complex deception mechanism where the honeypot is just one of the modules of the solution.
Why should I use the Xello Deception Platform instead of an open-source solution?
There are many open source projects related to honeypots in addition to several public platforms. Here's what you need to know about open source projects:
• Honeypot is not a full Deception platform, but it is an important part of the platform
• Honeypots are not automatically distributed to hosts within the network
• There is no unified management system
• Requires manual configuration and is not customizable
• No support and commitment from developers
• All methods and solutions have long been known to cybercriminals
• Honeypot is not a full Deception platform, but it is an important part of the platform
• Honeypots are not automatically distributed to hosts within the network
• There is no unified management system
• Requires manual configuration and is not customizable
• No support and commitment from developers
• All methods and solutions have long been known to cybercriminals
How deep is the integration with the existing infrastructure?
Our platform does not require deep intervention:
• No need to integrate with the core of the network (Core Switch)
• Decoys on hosts are managed agentlessly
• No need to integrate with the core of the network (Core Switch)
• Decoys on hosts are managed agentlessly
How can I try the Xello Deception Platform?
We will work with you to design a pilot project for your computing resources, which you can evaluate during a trial period. Typically a trial lasts about one month.
What happens if an attacker falls into a "trap"?
As soon as an attacker falls into a trap, it will be detected and the platform will send an alert in real time.
Are all decoys and traps really unique to each customer?
Yes, all decoys and traps are generated based on analysis of your corporate network.
What post-sales service does Xello provide?
We provide technical support and updates during the license period for Xello products. We also provide all customers with access to our Support Portal.
How to become partners?
Email us at partners@xello.net or fill out the feedback form.
Follow Xello News
We cover all the most important and interesting news in the information security industry
Read all news
Book a live demo
Xello Deception
