Gartner Blog Network


Are Gartner client’s interested in threat deception?

by Lawrence Pingree  |  July 6, 2016  |  10 Comments

From time to time, I get client inquiries that ask, “Is someone interested in this technology?”.  I have recently covered deception techniques and technologies, and because of that I’ve received quite a few calls asking that question on this technology.

Well, in the spirit of giving, I figured I’d give folks a taste of how much visibility Distributed Deception Platform providers have been seeing lately.  Results of my analysis for Distributed Deception Platform (DDP) providers are below. As we can see, over 284 searches were performed during the past year for specific providers in the  threat deception market.

NOTE:If you want more detail (for example geographical demand and segment demand) you’ll need to obtain access to Gartner’s Search Analytics and market Stats.   Gartner clients with the appropriate subscription to search analytics see the function by navigating to “Explore, then click the menu blue right arrow, then click Metrics and Tools”. In essence, we measure what people look for on our website search function and allow client’s to analyze our search results (protecting client anonymity of course!).

Gartner Search Analytics Statistics for (Gartner.com):

Distributed Deception Platform Providers

Smokescreen 0
Jevelin Networks 1
TopSpin 16
Cymmetria 17
Guardicore 35
Illusive Networks 38
Attivo Networks 65
TrapX 112
Total 284

 

Category: security  trends-predictions  

Lawrence Pingree
Research Director
6+ years with Gartner
19 years industry experience

Lawrence Pingree is a Research Director in Gartner's Security Technology and Service provider group. His responsibilities include providing critical insights to both end users and technology providers. He closely tracks the information security markets, technologies, technology and adoption trends, and competitive market dynamics.… Read Full Bio


Thoughts on Are Gartner client’s interested in threat deception?


  1. And it is entirely possible that it is vendor searching for other vendors, dude :-)

    • Lawrence Pingree says:

      The Search Analytics feature sorts the search results by Industry, so its valuable for targeting marketing programs etc.

    • Lawrence Pingree says:

      It is my understanding that the Search Analytics tool eliminates Analysts (Gartner Employees) from the stats, I’m not sure if the providers are removed so there likely is some of that, but in either case it is Gartner client interest :)

      • Lawrence Pingree says:

        I checked into this, and each Gartner client user subscription is tagged, for example End-User, investor, tech provider. The search analytics only includes End-User searches.

  2. Tom Rogers says:

    I think it is a good metric to identify the thought leadership and perhaps the market leadership. I did a google query or to and trapx has a mountain of press coverage and seems to be authoritative within healthcare as industry experts. attivo follows distantly and the rest are mostly invisible. lawrence, the metric is a good one and I’d like to see it updated frequently for many categories gartner covers. thx

    • Lawrence Pingree says:

      Hi Tom,
      The capability is built-into the Gartner website, so you’d need to check your subscription to determine if you have access. The stats change daily.

    • Tom,

      TrapX news coverage just the past 3 weeks. They don’t even have it on their website. Took awhile to dig it out. I may have missed an article or two. Your analysis looks fairly accurate to me.

      1. ZDNet, New exploits target hospital devices, places patients at risk – 6.27.2016
      2. Health Data Management, New malware uses old operating systems to spread attacks – 6.27.2016
      3. ComputerWeekly, Hospitals targeted using camouflaged old malware – 6.27.2016
      4. NetworkWorld, MEDJACK 2: Old malware used in new medical device hijacking attacks to breach hospitals – 6.27.2016
      5. SecurityWeek, New Tools Disguised as Old Malware in Hospital Attacks – 6.27.2016
      6. NetworkWorld, The untold security risk: Medical hijack attacks – 6.27.2016
      7. FierceTechExecutive, Spotlight On… TrapX Labs details evolution of hospital network hackers; Intermountain docs use 3-D printed kidney to determine treatment; Elekta launches novel cervical cancer treatment device; and more… – 6.27.2016
      8. Outlook Series, MEDJACK 2 Attacks Hospital Devices – 6.27.2016
      9. Beckers Hospital Review, Medical device hacking on the rise – 6.27.16
      10. eWEEK, TrapX Study Points to Invasive Attacks Against Hospitals – 6.28.2016
      11. IT Pro Portal, New medical hijack attacks targeting hospital devices – 6.28.2016
      12. The Register, US hospitals hacked with ancient exploits – 6.28.2016
      13. DarkReading, Attackers Wrapping New Tools In Old Malware To Target Medical Devices – 6.28.2016
      14. Digital By Default, Hospital tech targeted by hackers – 6.28.2016
      15. Politico, Morning Cybersecurity – 6.28.2016
      16. Tom’s IT Pro, New Medical Device Hijack Attacks Hide In Old Malware – 6.29.2016
      17. The Operating Theatre Journal, New Medical Hijack Attacks Targeting Hospital Devices – 6.29.2016
      18. Security Affairs, Hospitals Falling Victim to Old Malware – 6.29.2016
      19. Bill Mullins’ Weblog – Tech Thoughts, Tech Thoughts Net News – Monday – June 27, 2016 – 6.29.2016
      20. Medical Device and Diagnostic Industry, Here’s How Medtech Cyber Attacks Are Evolving – 6.29.2016
      21. SC Magazine, X-ray and MRI machines among devices used as springboards for data breach attacks – 6.29.2016
      22. ThreatPost, CONFICKER USED IN NEW WAVE OF HOSPITAL IOT DEVICE ATTACKS – 6.30.2016
      23. ThreatPost, MASSACHUSETTS GENERAL HOSPITAL CONFIRMS THIRD-PARTY BREACH – 6.30.2016 24. Softpedia, Hospitals Targeted in New Wave of Medjack Attacks – 7.1.2016
      25. Security Ledger, Chronic Condition: Study Finds Medical Device Flaws Go Unfixed – 7.1.2016
      26. TechTarget SearchSecurity, Enterprise encryption strategies rise as firms’ use of encryption grows – 7.1.2016

  3. Hi Lawrence,

    Thanks for the coverage of deception. Like with all metrics, its a data point, which is likely not an accurate reflection of market leadership and my guess skewed a bit by vendor look up.

    That all said, I am glad to see that Gartner is also seeing deception market interest growing. Attivo has seen a material change in interest and growth in customers over the last year and this is a nice validation that there is more to come.

    Tom – please take a look at Owler to get another view on press coverage. In this report, Attivo is 41.9% vs TrapX 25.8%. Sign up and tracking is free so anyone can access this data.

  4. Thanks for the coverage Lawrence. I’m sure you’ll be hearing a lot more about us soon! :)

    Best,

    Raviraj
    Smokescreen Technologies

  5. Great info Lawrence, and certainly we at TrapX have seen a tremendous growth in interest surrounding Deception for Enterprise security over the years.

    Carolyn – as for Owler stats, I can certainly say that they are not known for creating metrics on industry coverage, especially as it believes there have only been 14 articles in the last 30 days for 7 vendors in our space. Owler relies on community contribution for its numbers, and since mainly vendors contribute, it is very superficial.

    As Tom highlighted, we at TrapX have received at least 30+ direct press mentions in the last two weeks alone – which makes Owler’s total 14 press mentions for the space very misleading.

    The reason I like Gartner’s stats is that it shows real customer interest in specific technologies and/or vendors, not how many times vendors can convince a journalist to mention them, or sway a platform’s numbers.

    We have obviously been very successful in generating customer interest and will continue the charge.

    Anthony.



Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.