
AVALON
Deception-Based Early Threat Detection
AVALON is DataEnforce's deception platform: it generates and distributes synthetic decoys throughout the customer's infrastructure, then monitors for any interaction. Because legitimate users have no reason to touch decoys, every alert is by construction a high-confidence signal, with no tuning and no false-positive fatigue. AVALON analyses network topology and automatically generates decoys that fit the environment: phantom credentials, canary tokens, decoy file shares, shadow Active Directory objects, and fake services. Decoys are re-planned periodically so attackers cannot map the deception layout from a single foothold. AVALON can be deployed standalone or integrated with OSPREY for unified telemetry and correlated detection across endpoint and deception layers.
PLATFORM DETAILS
Deception
Proprietary DATAENFORCE technology. No third-party security components.
CAPABILITIES
Key Features
Automated Decoy Generation
Analyses network topology, Active Directory structure, and file-share patterns to automatically generate decoys that blend into the environment — filenames, hostnames, credentials, and services indistinguishable from real assets.
Multi-Layer Deception Coverage
Deploys across every layer an attacker traverses: decoy files and canary tokens on endpoints, phantom credentials in Active Directory, fake service listeners on dark IPs, decoy hosts, and internal DNS records.
Zero-Day Interaction Detection
Any interaction with a decoy is by definition suspicious — legitimate users have no reason to touch them. AVALON delivers high-confidence alerts with near-zero false-positive rate, no baseline tuning required.
OSPREY Integration
Shares the OSPREY ingestion path and console for unified telemetry. Decoy interaction events correlate with endpoint observations, enabling cross-source rules such as credential theft followed by network lateral movement.
Dynamic Re-Planning
Periodically rebuilds and relocates the deception layout so adversaries cannot map the trap perimeter from a single foothold. Decoy personas refresh on a configurable cadence.
High-Fidelity Alerting
Every alert is classified High by default. Captures full TTP context per interaction (attacker identity hash, process, source IP, decoy class, and ATT&CK stage), ready for immediate IR action.
HOW IT WORKS
Deception Platform — Live Simulation
DEPLOYMENT
Use Cases
- Early detection of APT lateral movement in government and defence networks
- Insider threat corroboration via credential and file decoys on sensitive endpoints
- Network reconnaissance detection before exfiltration reaches real assets
- Active Directory enumeration alerting against BloodHound, Kerberoasting, and pass-the-hash
- Zero-day attack surface reduction across enterprise workstation and server fleets
Interested in AVALON?
Contact our team for a confidential session or a technical demonstration.