The time that malicious code takes (latency) to move through the phases of the kill chain is accelerating, thanks to black-hat automation and swarm technology. Kill chain defense is largely manual today and needs to step up to effectively taper this accelerating attack chain. House of mirror-based deception techniques are just one way to achieve this, effectively diluting a large attack surface.

Learning Objectives:
1: Understand real-world examples of decreasing time to breach (latency) for automated threats.
2: Understand automated solutions for auto response, e.g., CTA STIX use cases and deception techniques.
3: Think of how to identify weak points in an organization that are vulnerable to automated attacks.