Attackers breach organizations in a lot of different and creative ways, but one of the greatest threats is when hackers simply read administrative credentials from the memory of domain controllers. In a bid to help identify such potential theft of credentials from memory, Dell SecureWorks has launched a new open source project called DCEPT.
DCEPT is an acronym for Domain Controller Enticing Password Tripwire. It uses Docker containers as the delivery method.
In a video interview with eSecurityPlanet, Joe Stewart, director of Malware Research at Dell SecureWorks, explains what the DCEPT technology is all about and how it works.
“What DCEPT does is, it puts a fake credential into memory. That’s the honey token, the thing that when the hacker tries to use that credential on the network we can spot it,” Stewart told eSecurityPlanet.
Sean Michael Kerner is a senior editor at eSecurityPlanet and InternetNews.com.