Our adversaries are skilled in deception -- we as defenders must become
skilled as well. This talk provides information to defenders on
the importance of deception as part of our defense in depth strategy.
Why should the Red Team have all the fun? Let's explore the tools,
techniques, and processes that Blue Team can utilize to detect,
deceive, detour, confound, and confuse our attackers.
What we cover:
* The goals of deception from the perspective of both the attacker and defender
* The elements and processes needed to plan, prepare, execute, and
monitor effective deception
* The types of deception techniques that are effective and how they translate into actual web
* How to identify and respond to various types of attackers.
Finally, we walk through an example of a deceptive web application that will detect our attacker and sideline them in defense of our web application.