Endpoint: Managed, Real Asset
The endpoint is a real system performing real business functions
An endpoint is any legitimate, operational device within the customer’s environment that is monitored and controlled by the Endpoint Manager, which includes:
- Workstations (Windows, macOS, Linux) used by employees
- Servers providing actual business services (web, file, application servers)
- Virtual machines in on-premises or cloud environments
- Specialized systems such as OT devices, POS systems, or developer workstations
Key Characteristics
Part of Production: The endpoint is a real system performing real business functions; users rely on it.
Managed by Artefact Manager: Policies, lure deployment, and telemetry collection are centrally controlled.
Instrumented with Deception Elements: Endpoints can carry honey tokens, breadcrumbs or lures that lead attackers toward decoys.
Continuous Monitoring: Endpoint behavior, process activity, and network connections can be logged and correlated with threat intelligence.
Low Intrusion for Users: Deception components do not disrupt normal operations; artifacts are hidden in plain sight.
Example
A real Windows workstation has a mapped SMB share that points to a decoy file server filled with realistic artifacts, such as fake project files, financial spreadsheets, and cached credentials. If an attacker browses or opens any of these items, they are seamlessly funneled into the deception network for monitoring and analysis.
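The correlation step behind this example, sketched as an added illustration that is not the product's own code: endpoint network telemetry is matched against a decoy inventory, and any SMB connection from a managed endpoint to a decoy becomes an alert. The event field names, IP addresses, and the `deception-agent.exe` process name are assumptions, and the sample events are constructed.

```python
import json

# Constructed decoy inventory: decoy file server IP -> lure that points to it.
DECOYS = {"10.20.30.40": "mapped SMB share (finance)"}
# Assumption: the management agent health-checks lures and must not alert.
AGENT_PROCESSES = {"deception-agent.exe"}
SMB_PORT = 445

# Constructed endpoint network telemetry, one JSON event per line.
SAMPLE_EVENTS = """
{"ts":"2024-05-01T09:00:02Z","host":"WS-014","user":"jdoe","process":"outlook.exe","dst":"10.20.1.5","port":443}
{"ts":"2024-05-01T09:05:00Z","host":"WS-014","user":"SYSTEM","process":"deception-agent.exe","dst":"10.20.30.40","port":445}
{"ts":"2024-05-01T09:14:55Z","host":"WS-022","user":"asmith","process":"powershell.exe","dst":"10.20.30.40","port":445}
{"ts":"2024-05-01T09:14:10Z","host":"WS-022","user":"asmith","process":"explorer.exe","dst":"10.20.30.40","port":445}
{"ts":"2024-05-01T09:16:00Z","host":"WS-022","user":"asmith","process":"excel.exe","dst":"10.20.1.9","port":445}
{"ts":"2024-05-01T09:20
"""


def decoy_touches(raw):
    """Return one alert per (host, user) that reached a decoy over SMB."""
    alerts = {}
    for line in raw.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank or truncated line: skip it, keep processing
        if ev.get("dst") not in DECOYS or ev.get("port") != SMB_PORT:
            continue  # production traffic, not a lure being followed
        if ev.get("process", "").lower() in AGENT_PROCESSES:
            continue  # the agent's own lure checks are expected
        alert = alerts.setdefault((ev["host"], ev["user"]), {
            "host": ev["host"], "user": ev["user"], "lure": DECOYS[ev["dst"]],
            "first_seen": ev["ts"], "processes": set(), "count": 0})
        # Same-format UTC ISO 8601 strings sort chronologically.
        alert["first_seen"] = min(alert["first_seen"], ev["ts"])
        alert["processes"].add(ev["process"])
        alert["count"] += 1
    return sorted(alerts.values(), key=lambda a: a["first_seen"])


if __name__ == "__main__":
    for a in decoy_touches(SAMPLE_EVENTS):
        print(a["first_seen"], a["host"], a["user"], a["lure"],
              sorted(a["processes"]), a["count"])
```

Grouping by host and user keeps repeated browsing of the same share in a single alert, while the process set shows which programs on the endpoint reached the decoy.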