Add authenticity to deceptive components to convince an adversary that an environment is real.
Reassurance is used to add authenticity to deceptive components to reduce adversary suspicion about the legitimacy of the environment. Activities include adding realistic user accounts, files, system activity, and any other content that an adversary might expect to find on the system. Reassurance may add new artifacts, such as peripherals and pocket litter, while concealing others, such as how recently an environment was stood up. If done correctly, Reassurance may help to make an adversary feel more comfortable upon landing in a new environment. This initial level of comfort can help anchor the adversary in the environment, increasing their tolerance to faults or weaknesses discovered later.
|Application Diversity||Present the adversary with a variety of installed applications and services.||EAC0006|
|Artifact Diversity||Present the adversary with a variety of network and system artifacts.||EAC0022|
|Burn-In||Exercise a target system in a manner where it will generate desirable system artifacts.||EAC0008|
|Email Manipulation||Modify the flow of email in the environment.||EAC0009|
|Information Manipulation||Conceal and reveal both facts and fictions to support a deception story||EAC0015|
|Network Diversity||Use a diverse set of devices on the network to help establish the legitimacy of a decoy network.||EAC0007|
|Peripheral Management||Manage peripheral devices used on systems within the network for engagement purposes.||EAC0010|
|Pocket Litter||Place data on a system to reinforce the legitimacy of the system or user.||EAC0011|