Security Program Controls/Technologies, Channel partners, Content

Booz Allen Hamilton and Acalvio Partner for Cyber Deception Technology

A high-angle view of a businessman and a businesswoman sitting in the office building lobby and using a tablet computer

A high-angle view of a businessman and a businesswoman sitting in the office building lobby and using a tablet computer

Booz Allen VP Wade Alt will describe managed cyber trends during MSSP Alert
Related: Hear Booz Allen VP Wade Alt describe managed cyber trends during MSSP Alert Live 2022 (Sept 19-21, Washington, D.C.).

Booz Allen Hamilton, which has a Top 250 MSSP business unit, and Acalvio Technologies are working together to provide cyber deception technologies to commercial and government organizations.

Acalvio adds cyber deception technologies to Booz Allen's cybersecurity portfolio, the companies stated. These technologies complement Booz Allen's existing cybersecurity capabilities, such as threat hunting and detection engineering.

Commercial and government organizations can use Acalvio's ShadowPlex cyber deception product in conjunction with Booz Allen's cybersecurity capabilities, the companies said. In doing so, they can detect, investigate and respond to cyber threats in IT and OT environments across on-premises and cloud deployments.

A Closer Look at ShadowPlex

ShadowPlex helps organizations combat advanced persistent threats (APT), ransomware and malware, Acalvio said. It combines pre-defined playbooks with an artificial intelligence-based Recommendation Engine that self-generates and places appropriate deception objects within an IT or OT environment.

Organizations can use ShadowPlex to automate and simplify the configuration and deployment of deception objects in IT and OT environments, Acalvio said.

ShadowPlex also provides a five-step process for autonomous deception across these environments:

  1. Set up fake hosts, "honeypots" and other deceptive artifacts to confuse, divert and direct cybercriminals to decoys.
  2. Let a cyberattack progress in a safe and contained sandbox.
  3. Identify compromised systems.
  4. Use high-fidelity alerts to automatically contain the attack.
  5. Gather insights to understand a cybercriminal's tactics, techniques and procedures (TTP).

ShadowPlex can be used in combination with endpoint detection and response (EDR), security orchestration, automation and response (SOAR) and other cybersecurity tools, Acalvio said. It also can be deployed on premises or in the cloud, and MSSPs can provide ShadowPlex as a managed security service.

Booz Allen Launches $100M Venture Capital Arm, Explores Cybersecurity Acquisitions

The Acalvio partnership comes after Booz Allen in July 2022 announced Booz Allen Ventures, a $100 million venture capital arm. Booz Allen Ventures will invest in cybersecurity and other strategic dual-use commercial technologies for federal organizations.

Booz Allen reached an agreement to purchase EverWatch in March 2022, which has drawn scrutiny from the U.S. Department of Justice. It also has up to $4.5 billion available for "strategic acquisitions" through 2025, CEO Horacio Rozanski told Wall Street analysts during his company's earnings call on January 28, 2022.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.

Related