Home/CyberChaff/CyberChaff – For Partners
CyberChaff – For Partners 2018-02-21T13:10:37-08:00

In the armed forces, chaff is a cloud of material spread behind a target, designed to confuse either detection or attack. CyberChaff uses the same concept to thwart and detect address cyber-attacks.

CyberChaff provides a new level of network protection and actionable intelligence for enterprises, governments and universities looking to deploy network intrusion detection and network protection, without the high rate of false positives typical in traditional IDS systems. Because no valid network users should connect to a CyberChaff false host, connection events provide high value information to cybersecurity professionals and are high indicators of compromise.


Your networks without CyberChaff™

Download the Whitepaper today!

CyberChaff also provides false attack surface expansion, by creating large numbers of secure, false hosts/devices on a network that can funnel attackers to a low number of existing honeypots. Enterprises may configure large numbers of CyberChaff to forward connection requests to a low number of vulnerable, high-interaction honeypots.


With CyberChaff™

Resellers, Managed Service Providers and Integrators can use CyberChaff to provide additional levels of security for your customers while positioning yourself as an advanced technology leader. Offering CyberChaff enables incremental sales and technical service opportunities, or ongoing managed services revenues. CyberChaff provides actionable intelligence for your customers, without the high rate and high cost of false positives typical in IDS systems – increasing customer satisfaction while lowering system management costs.

CyberChaff can be used as an effective up-sales tool for Resellers, Managed Service Providers and Integrators. By installing CyberChaff units in your customer’s networks, you can discover network security vulnerabilities that can lead to incremental engagements beyond simple CyberChaff deployment. Customers discovering actionable items though the CyberChaff may engage you incremental service engagements such as vulnerability assessments, information security modernization, and more.

CyberChaff provides extensive deception capabilities that are easily configurable, providing for high fidelity deception that can be customized to match your customer’s networks including,

  • Simulation of over 3,500 different devices and operating systems.
  • Lightweight simulation of a wide array of services.
  • Customizable MAC vendor prefixes
  • Service forwarding on any TCP/UDP port, to high-interaction honeypots

CyberChaff provides extensive integration capabilities making deployment possible in under 30 minutes. Key integration capabilities include:

  • Supports static IP and DHCP for false nodes
  • Supports VLAN separation of management console from false nodes. Supports multiple VLANs for false nodes, from a single instance of CyberChaff.
  • Provides JSON over SSH protocol for remote management by administrators or 3rd party network management software.
  • Generates alerts in syslog format, including raw, CEF, and JSON format – for easy integration into your customers existing IDS or SIEM.

CyberChaff is available integrated in hardware appliances or in virtual editions (subject to minimum system requirements).