* 1. Please provide the following information:

* 2. How do you assess the value of deception technologies as a contributing part of an overall security program?

* 3. What are your plans for implementing deception technologies as part of your overall security program?

* 4. On a scale of 1 to 5 (1= not useful and 5= extremely useful), please rate the following deception methods:
How useful or the deception methods below, where 1 is NOT useful and 5 is extremely useful?

  1 2 3 4 5
Using “lures” like open network shares or database connections on production systems to attract an attacker to a “trap” server.
Using “breadcrumbs” like false file objects or data records on production systems to trace an attack through the environment and potentially externally.
Planting false credentials/tokens in memory on production systems to identify escalation (e.g. via pass-the-hash attack).
Using a network “honey” responder to respond (e.g. syn-ack) to connection requests (e.g. syn) for nonexistent systems and blocking source IPs at connection attempt (e.g. ack).
Slowing down a network connection with “tarpit” techniques to gather more forensic information.
Deploying false endpoints (e.g. VMs) on a network to act like legitimate systems.
Deploying a server “honeypot” to collect attribution information on attackers for use in threat management programs.

* 5. On a scale of 1 to 5 (1=none; 5=extreme), please rate the following challenges to a deception program:
How challenging are the obstacles to a deception program below, where 1 is NOT challenging and 5 is extremely challenging?

  1 2 3 4 5
Justifying the cost and contribution to business value.
Addressing technical performance and management of deception systems.
Prioritizing a deception program relative to any/all other security initiatives.
Evaluating options and determining efficacy of a deception solution.
Integrating a deception program into existing strategic security program.

* 6. Please identify any vendors, methods, etc. associated with a deception program that you are aware of: