CounterCraft Overview

CounterCraft empowers organisations to strengthen their security posture more efficiently than ever before. Designed and developed by experts, the CounterCraft Cyber Deception Platform fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection using controlled, highly credible synthetic environments.

CounterCraft accelerates threat detection earlier in the attack lifecycle, provides evidence of malicious activity and modus operandis and already protects leading organisations in the financial, trade and government sectors, as well as law enforcement agencies. The feature-rich CounterCraft Cyber Deception Platform delivers high-quality alerts with zero false positives and automates cyber deception campaigns across a complete range of digital assets to strengthen overall security posture.


CounterCraft The Platform™

Their premier product, CounterCraft The Platform™ consistently stops red teams, spear phishing, ransomware attacks and insider threats and is used successfully by Fortune 500 companies and government organisations. CounterCraft’s proprietary technology is made up of award-winning components that work to create realistic deception environments, allowing you to protect your network and gather specific, real-time intel on the adversary.


Custom or template-based CounterCraft breadcrumb technology that can be deployed across multiple endpoints, servers or even on internet based platforms such as PasteBin, GitHub and Shodan. Both passive and active breadcrumbs allow you to tailor them to attract exactly the adversary you are targeting. The main job of the ActiveLures is attract adversaries into the CounterCraft ActiveSense Environments.


ActiveSense Environments are the core of your CounterCraft deployment. They contain real machines and real services that provide a credible environment to deflect and monitor the adversary. They combine the detailed telemetry collected by the DeepSense agents and the command and control capability of the CounterCraft ActiveLink network to provide a full, deep-sensing environment to collect and deliver all adversary activity in real time.


ActiveLink provides a full command and control network for the ActiveSense Environment. It allows completely cloaked exfiltration of DeepSense telemetry and also allows real-time control over hosts, services and breadcrumbs for instant response to adversary activity. The CounterCraft ActiveLink network does it all. ActiveLink also allows the system to be deployed across a wide range of complex networks.

Want to know more?