Covert Intrusion Detection
HOW IT WORKS?
DuckMines are like tripwires that can be set up on other parts of your existing infrastructure. This allows for detection of a breach in the event an intruder accesses other systems before reaching the Duck. DuckMines are software components installed on your infrastructure to detect the breach.
How do we do this? We use some old existing technology and concepts but provide the backend infrastructure to make it easy for our clients to set up the DuckMines. Similar to how marketing emails can track what emails have been opened/read and links clicked, we embed 1×1 pixel into files that once opened will contact our backend to pull in the data, this happens without the intruder noticing, and thus alerting us that someone has accessed a file. Each Duckmine alert provides enough information to tell you at a very early stage what device was breached and from what IP it happened.
For example, we go to the accounts server and add a file called bank_account_details.docx with a DuckMine installed. If someone steals that file and opens it, we will get a notification that the file has been accessed and who (IP) accessed it. This will give you an instant notification that unauthorized access has taken place.
Thanks to this, detecting a breach becomes a proactive notification that you receive instead of a time consuming reaction of an audit or needing other costly systems (like a dedicated IDS/IPS) that require specialized skills to manage. In simple terms, you have more time and resources to grow your business.Recent studies show that the average breach took over 200 days to detect.
Our Duckmines are compatible with:
● Web Bug
● DNS
● AWS API Key
● Azure Login Certificate
● Microsoft Word, Excel
● Macro enabled tokens
● Sensitive Command
● Slack API Key
● Windows Folder
● Custom Exe/Binary
● AWS S3 Bucket
● Custom Web Image
● Office 365 Mail Bug
● WireGuard VPN
● Cloned Website
● QR Code
● Acrobat PDF
● Slow/Fast Redirect
● Google Docs/Sheets
● Gmail
Speak to us and let us help you safeguard your data and network. Protect your reputation, protect your and your customers data, protect your Board of Directors with their duty of Due Care and Due Diligence, and protect yourself against regulatory requirements.