Formaltech Announces Availability of CyberChaff™ 3.0
Formaltech is pleased to announce the release of version 3.0 of CyberChaff™ cyberdeception and early alert system. This release includes numerous feature additions, expanding CyberChaff’s deception capabilities and providing more options for simplified network integration and manageability. Developed in consultation with global enterprise cybersecurity researchers, CyberChaff meets enterprise integration needs for cyberdeception while easily integrating with leading OEM cybersecurity platforms including IDS, SIEM, analytics, and orchestration systems.
A major deception capability added into the new release of CyberChaff includes the addition of over 3,500 devices and operating system signatures, enabling CyberChaff to create a large array of decoy devices on a network that emulate many of the major devices found on enterprise networks, as well as in critical infrastructure, industrial, and IoT applications.
CyberChaff also includes a new “service forwarding,” or proxy capability that can work in conjunction with high-interaction honeypots to expand the network surface area of existing honeypots. CyberChaff can provide a scaling ability for existing honeypots without requiring IT or security administrators to manage full featured devices – reducing the TCO for your deception systems while expanding their footprint.
To simplify enterprise and OEM integration and manageability, new management features include the ability to:
- Integrate across multiple VLANs from a single instance – further reducing management overhead and hosting requirements.
- Integrate into 3rd party automation and orchestration systems with a JSON-based CyberChaff API.
- Integrate into existing SIEM/IDS and analytic systems with JSON (CIM) and CEF syslog output.
- Deploy using any Red Hat or Debian-based Linux distro as the central CyberChaff management console.
The new additions in release 3.0 add to CyberChaff’s ability to detect, deceive and slow attackers and malware by providing a scalable, low-overhead proactive network defense. Key to CyberChaff’s value is its low false positive rate, its extremely small resource consumption, and its secure architecture compared to other cyberdeception technologies. These properties make CyberChaff ideal for integration into datacenter, branch, and remote office deployments, as well as for integration into OEM solutions.