Attack Intelligence System





 Gain actionable, forensic insights for faster cyber

 incident response.



 With ASM cleaning the Azure AD   is occurring contained in typical
 environment, ransomware attackers   security tool alerts, and it helps speed

 have little choice but to engage with   investigation and incident response

 the deceptions Illusive places in their   times. Responders now have the ability

 path. Once ransomware attackers engage  to prioritize incidents based on potential
 with Illusive deceptions, Illusive Attack   impact and capture the detail-rich

 Intelligence System springs into action,   forensic data needed to shape the full

 collecting real-time source forensics   cyber incident investigation, and they

 from the endpoint where attackers are   can also collect these forensics on
 operating. This deterministic approach   demand for alerts triggered by Microsoft

 is based on attacker behavior, rather   solutions, such as Azure Sentinel and

 than the probability that risky behavior   Microsoft Defender for Endpoint.













 With Illusive Attack

 Intelligence System:



 •  Endpoint forensics are instantly captured
 from compromised hosts when a deception is
 tripped, including screenshots and volatile and
 nonvolatile system data.

 •  The Forensics Timeline presents a roll-up of all
 incident data in an easy-to-use, time-stamped,
 and sortable format.                                              CASE STUDY 


 •  The Attacker View Management Console shows
 the proximity of the ransomware attackers to
 the organization’s critical business systems.