In an ever-changing threat landscape, reacting to digital threats is no longer sufficient. BSE (Bombay Stock Exchange) wanted to stay ahead of the curve by implementing ‘active defenses’, solutions that can pro-actively detect and respond to attacks as rapidly and efficiently as possible.
Coupled with the need to be one-step ahead, BSE required high internal visibility of activities on their network, with an extremely low ‘false positive’ ratio, so the security teams can focus on engaging real threats.
BSE is Asia’s oldest, and the world’s fastest exchange, with a median trade time of 6 microseconds, and a market capitalization in excess of USD 2 trillion. By virtue of this position, it is on the front-lines of cybersecurity, BSE’s systems are targets for not only the most highly motivated ﬁnancial cybercriminals, but also advanced nation state attackers.
“BSE is Asia’s oldest, and the world’s fastest exchange, with a median trade time of 6 microseconds, and a market capitalization in excess of $2 trillion.”
The solution had to also have absolutely no performance impact on the network or endpoints that may impact trading or business operations.
The stock exchange at Mumbai has a 'zero compromise' approach to cybersecurity, selecting only the best-in-class security technologies to protect its systems and data.
Smokescreen’s deception technology creates a layer of decoys across the entire network. When hackers attack, they unknowingly engage decoy systems that lead them into a virtual reality while raising an alarm. Deception technology makes the network exponentially more difficult for attackers to predict, understand and attack.
Smokescreen’s technology met the three major criteria that BSE had set down, providing visibility across the environment, along with no performance impact and the lowest false positives of any other class of solution.
“Smokescreen’s solution detects human-driven attackers effectively and signiﬁcantly reduces the ‘time to identify’ and ‘time to respond’ metrics that are crucial in incident handling.”
CISO, BSE Ltd
Smokescreen’s IllusionBLACK distributed deception platform was selected for its ability to centrally deploy, manage, notify, and respond to attacks that may bypass the perimeter defenses.
“Smokescreen’s solution detects human-driven attackers effectively and signiﬁcantly reduces the ‘time to identify’ and ‘time to respond’ metrics that are crucial in incident handling,” says Shivkumar Pandey CISO, BSE Ltd.
Smokescreen’s multi-decoy architecture makes deception pervasive across networks, applications, and endpoints. IllusionBLACK network decoys are deployed rapidly across VLANs to provide visibility into east-west traffic and identify lateral movement.
Smokescreen uses deep insight into how apex hackers operate to build deception based defenses. The company’s IllusionBLACK is the industry’s most advanced decoy technology, bringing military deception principles to the digital battleﬁeld.
Credential decoys are used to agentlessly detect attempted privilege escalation at the endpoint level. Threat intelligence decoys provide predictive analytics of impending infrastructure mapping attempts, and identify Internet-originating attacks mapping BSE’s external infrastructure.
Finally, ﬁle decoys protect high-value target personnel, who may be speciﬁcally targeted as part of a campaign to obtain their access rights or information
“Smokescreen’s solution provided visibility across the environment, along with no performance impact and the lowest false positives of any other class of solution.”
Ease of integration was another driving factor; IllusionBLACK seamlessly integrated with IBM’s Qradar SIEM platform that BSE uses for uniﬁed security monitoring.
BSE doesn’t compromise on security, and Smokescreen met the high bar they have for targeted threat detection technologies.