Acalvio Honeytokens for Identity Protection

About Honey Accounts and Honeytokens

Honeytoken accounts are deceptive user accounts and service accounts created in Active Directory (AD). They are specifically designed to lure attackers away from critical resources. Honeytokens are deceptive credential profiles that are deployed in identity caches on endpoints. Together, they are extremely effective at detecting identity threats.

CrowdStrike Falcon^® Identity Protection has in-built support for monitoring honey accounts and a policy-based identity threat containment and response mechanism. Any access or alterations of honey accounts trigger a dedicated high-fidelity detection, giving SOC analysts visibility into the detailed insights and adversary attack path.

Use of Crowdstrike honeytoken accounts and honeytokens in cybersecurity for identity protection

Watch this webinar to learn about the challenges with identity-driven attacks, the benefits of honeytokens for detecting identity threats and Acalvio’s platform that provides enterprise-scale honeytokens for identity protection.

watch on demand webinar

Acalvio's advanced AI solution to quickly operationalize Honeytoken accounts

Operationalizing Honey Accounts and Honeytokens requires a platform

Manual creation of honey accounts and honeytokens is cumbersome and challenging. Administrators are faced with challenges around naming these accounts, making them attractive to attackers and deploying them at scale.

Acalvio’s mature and proven deception platform enables CrowdStrike identity customers to operationalize honey accounts and honeytokens at enterprise-scale. Enterprises gain the benefits of honey accounts and honeytokens without the administrative challenges associated with manual deployment approaches.

Key Benefits of Honeytoken accounts and Honeytokens for Identity Protection

Comprehensive identity threat detection: detect known and unknown (zero-day) threats.

Operationalizes CrowdStrike Honeytokens capability.
Zero-touch deployment – requires no Acalvio agent or software in customer’s network.
Enterprise-Scale: Supports multiple AD Domains and thousands of Endpoints.
Advanced AI-based configuration of blended and attractive Honey Accounts and Honeytokens.
Autonomous: Honeytokens deployment and refresh lifecycles are fully automated.

benefits of honeytoken accounts and honeytokens for identity protection

Effective honeytokens and honeytoken accounts

Acalvio Helps Crowdstrike Identity Protection Customers Operationalize Honey Accounts & Honeytokens.

Automated Al-driven recommendation of Honey accounts across multiple AD domains

Honey accounts made attractive to attackers
Automated recommendation of Honey account types (user accounts, service accounts), count and attributes

Automated recommendation and deployment of honeytokens at scale across tens of thousands of endpoints
- Transparently deployed into identity caches on endpoints
- Designed to be hidden from legitimate users
- Visible to attackers via tools & scripts

Seamless Integration:
Acalvio ShadowPlex and CrowdStrike Falcon^® Identity Protection

Acalvio ShadowPlex is pre-integrated with CrowdStrike Falcon^® for ease of adoption and immediate time to value

Acalvio’s integration with CrowdStrike Identity Protection is powered by the Acalvio SaaS Service
No software installation on the enterprise network
Identity threat detections surface in the CrowdStrike console, ensuring no change for SOC and IR workflows
Native integration eliminates need for field programming
Scalable architecture protects multiple Active Directory Domains & tens of thousands of endpoints

Integration of Acalvio ShadowPlex and CrowdStrike Falcon® for enhanced monitoring of honeytoken accounts and honeytokens

GigaOM recognized Acalvio as a leader in deception technology.

Gartner^® recognized Acalvio as a Tech Innovator in their research Emerging Tech: Security-Tech Innovators in Automated Moving Target Defense (AMTD). AMTD is anchored on deception technology.

Acalvio provides the best protection against the advanced cyber threats today and in the future.

“Acalvio’s solution is an innovative and unique offering that addresses identity exploits, the most critical cyber threat today.”

Sean Dobson CISO at Wafra

Schedule a free consultation with Acalvio ITDR experts

Protect your identities and stop breaches with Acalvio honeytokens