Active defense is the use of offensive tactics to outsmart or slow down a hacker and make cyberattacks more difficult to carry out. An active cyber defense approach helps organizations prevent attackers from advancing the business networks. It also increases the likelihood that hackers will make a mistake and expose their presence or attack vector. Active defense involves deception technology that detects attackers as early as possible in the attack cycle. Active cyber techniques include digital baiting and device decoys that obfuscate the attack surface and trick attackers. This misdirection wastes attackers’ time and processing power while providing vital active cyber intelligence data. Active defense supports offensive actions and can sometimes involve striking back against an attacker. However, it is typically reserved for law enforcement agencies that have the authority and resources to take the appropriate action.
