TrapX

10Fold launched TrapX Security out of Stealth Mode in July 2014. The company was founded in 2010 and is a leader in the delivery of deception-based cyber security defense. TrapX’s solutions rapidly detect, analyze and defend against new zero day and APT attacks in real-time. The company’s customer base includes global 2000 commercial and government customers around the world in sectors including defense, healthcare, finance, energy, consumer products and other key industries.

Objectives:

TrapX’s DeceptionGrid technology relies on emulations – fake assets that look and act identical to real assets, which are intermingled with actual information technology resources at scale in an enterprise network. The instant attackers touch an emulation, a high-confidence alert is triggered and the attack can be compartmentalized. DeceptionGrid provides deep forensic analysis and delivers a comprehensive assessment directly to an organization’s security operations team, providing a level of situational awareness and visibility not seen previously in sensor based platforms.

Similar to defense-in-depth, deception technologies can be applied at all attack stages of the Cyber Kill Chain (i.e., reconnaissance, weaponization, delivery, exploit, installation, command & control and actions) to cripple advanced threats that continue to plague enterprise organizations.

The main challenge was that at the time of their launch, TrapX was the only vendor on the market offering a next-generation deception-based product and most of the security reporters we soft sounded with their technology simply weren’t interested. Reason being, most security reporters don’t cover new product announcements, and two, they didn’t have a customer to go on the record to vouch for the validity of their technology. That said, we advised TrapX they needed another piece of compelling content that we could use to go out to the press with when launching the company.

TrapX agreed with our council and created a report based around a new piece of malware they discovered in infected shipping industry scanners. They dubbed it Zombie Zero and reported that the malware in the scanners was the first stage of a three-stage attack that compromised business software and sent data back to facilities linked to the Chinese military. With that information in hand, we took the report, info on the deception product they were introducing and were tasked with launching the company and generating leads to secure POCs for future sales.

Strategy & Tactics:

As part of our strategic approach to the launch, we knew we had to secure a round of analyst briefings to leverage for media interviews in case a reporter requested a third-party reference. We also wanted to make sure we got at least one top-tier business media story. And to do that, we reached out to one of our friendlies at the Wall Street Journal for a “business” exclusive. With the exclusive story assured, our next step was to pre-brief all of our security “trade” reporters starting two weeks prior to the launch.

Results:

When launch day came, the media coverage came fast and furious. Within the course of one week, we were able to secure:

  • 70+ articles in business, IT trade and vertical press
  • Created 170 leads, including 40 in the Fortune 500
  • CSO magazine started reaching out to us on a regular basis for commentary on other breaking security news stories