Dear readers, please treat this post as a form of analyst psychotherapy! As we are entering our 4th month of deception research (with one deception paper out already and one more under development), this question is the proboscidean in the room.
Frankly, we are afraid to ask this question aloud: Will threat deception fizzle again?
Ok, us security old-timers (did I really say that?) remember the glorious rise of threat deception … in 1999. ManTrap, CyberCop Sting, SPECTER and other products represented a golden age of the honeypot. Honeynet Project launched in 1999 as well (I joined in 2002). Lots of excitement was there! A few great books came out.
And then … several years later (say, by 2004), all gone, turned to dust, products dead, concepts forgotten, hopes dashed. “Deception winter” lasts until about 2014 … 10 cold years.
As I write this in 2019, deception is a healthy – if small – security market. Our upcoming comparison focuses on six vendors that we see in customer inquiry (why?). Vendors report decent deal flow, happy customers, and show evidence of technology that works. Some even report seeing deception budgets at some clients.
However, and here is where the elephant becomes visible, the question remains: will deception stay this time or go again? Frankly, I can justify either position, and with passion. Hence, this post.
Will deception occupy a permanent spot in our security arsenal … or become a fad that died again?
Arguments for stay?
Arguments for go?
Posts related to deception research:
- Our Updated “Applying Deception Technologies and Techniques to Improve Threat Detection and Response” (2019) Publishes
- Deception vs Analytics, or Can Analytics Catch True Unknown Unknowns?
- APT-Ready? Better Threat Detection vs Detecting “Better” Threats?
- Better Data or Better Algorithms?
- Tricky: Building a Business Case for A Deception Tool?
- It Is Happening: We Are Starting Our Deception Research!
- “Deception as Detection” or Give Deception a Chance?
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.