deceptiq.com posted a great article summarizing why many deception security tools fail as well as how to properly plan a deception security deployment. That post can be found HERE. The intro to their post summarizes the post perfectly.
“Modern attackers are using deception against you right now. They’re masquerading as legitimate users, exploiting your trust in familiar tools, and moving through your environment undetected. Meanwhile, your deception defenses are so obvious that skilled adversaries spot them immediately and actively avoid them.
After years of red teaming, we’ve learned that most security teams treat deception like any other security tool – deploy it and hope it works. Deception vendors prioritize ease of deployment over understanding the attacker mindset that determines whether deception will actually be effective.”
I also like the deployment model they share.
Check out their post for the details HERE.