As my illustrious colleague mentioned, we are starting a new research project, one we wanted to run for a while, about DECEPTION. While there is already Gartner research on the topic (this and this), we at Gartner GTP will approach this from an end-user perspective, as always.
So, in the next few weeks we will be running around asking questions such as:
- Why did you decide to employ deception and/or deploy deception tools?
- What helped you prioritize deception over other security technologies?
- What is/are your current use cases with deception technology?
- How did you test the tools?
- How do your daily operational practices around deception look like?
- What security processes and practices are affected by your use of deception?
- Any challenges with adopting deception tools in your organization?
Finally, a call to action! If you recently deployed deception tools, please let us know. Example vendors include TrapX Security, Attivo Networks, Illusive Networks and Cymmetria. If you are a vendor who somehow failed to brief us on your deception approaches, you know what to do.
Our related blog posts on deception: