
Aflac, Inc. Uses Deception for Zero-False-Positives Threat Detection

Cybersecurity & Privacy - Intrusion Detection
Cybersecurity & Privacy - Network Security
Finance & Insurance
Business Operation
Cybersecurity
Intrusion Detection Systems
Remote Asset Management
System Integration
Testing & Certification
The infosec team saw the ever-changing threat landscape as the biggest challenge facing their organization. The threats were everywhere. With a gap in their ability to detect new strains of attacks, the organization needed a device that could catch zero-day and signatureless threats. Additionally, the team found devices that generated a lot of alarms and whistles to be very distracting because of the rate of false positives they produced, so much so that they were determined to find a solution that generated zero false positives. They didn't need more alerts; they needed quality alerts.
Aflac, Inc. is a Fortune 500 insurance provider known for its supplemental insurance policies. The company has a mature security posture and has implemented high-end cybersecurity technology in its network. However, Aflac faced challenges in detecting new and emerging threats within its network early and accurately. Despite having high-end prevention devices and practices, the team recognized a gap in their ability to quickly detect threats that had penetrated the network. This led them to seek a solution that could provide early and accurate threat detection with zero false positives.
The infosec team chose the ThreatDefend Deception and Response Platform because it gave them the ability to detect threats inside their network that other technologies missed entirely. Moreover, the level of camouflage that deception technology employs, together with its ability to mimic the hygiene of the network, provided complete authenticity, meaning an attacker would not be able to tell the difference between the deceptive assets and the organization's critical assets. Additionally, the team is using the ThreatDefend solution as a means for early detection of ransomware attacks.
The team deployed the ThreatDefend Deception Platform throughout their network and assigned ThreatStrike deceptive credentials to their endpoints in order to detect the threats that were inside their network as well as any misconfigurations that might be present.
To test the full detection capabilities of the ThreatDefend platform, they hired a white hat hacker to run a penetration test on their network. The hacker spent over two hours trying to hack the web services of a decoy system placed in the network. The infosec team caught him very early on and was able to quarantine him and study his attack methods throughout the entire penetration test. By diverting the hacker, the ThreatDefend solution protected all of the organization's critical assets.
By deploying the ThreatDefend Deception Platform throughout their network, the team achieved their goal of no false positives and only high-integrity alerts. This greatly reduces the amount of 'noise' their team needs to respond to given that they are not chasing dead ends that other devices generate.
The team can be fully confident that the threats that penetrate their network will not only be detected quickly, but also will be diverted away from their critical assets and be quarantined for detailed attack forensics.
The ThreatDefend platform identifies any misconfigurations that are present in the organization’s network. This allows them to patch any areas that are especially susceptible to attackers, greatly strengthening their ability to prevent attacks in the future.
Achieved zero false positives in threat detection.
Reduced the amount of 'noise' in alerts, focusing only on high-integrity alerts.