Gartner Peer Insights Labyrinth the First Finalists for the ECSO CISO Choice Award 2025

Labyrinth Deception Platform

Labyrinth Deception Platform changes an attack surface providing adversaries with an illusion of real infrastructure vulnerabilities. Each part of the imitated environment reproduces the services and content of a real network segment. The solution is based on Points - smart imitation hosts that mimic special software services, content, routers, devices, etc. Points detect all malicious activities inside a corporate network providing comprehensive coverage of all the possible attack vectors.

Labyrinth Data Sheet


Seeder Agents work on servers and workstations imitating attractive artifacts. Triggered by intruders, the agent directs them to Points.

Worker node is a host for all Points in Labyrinth. It works in multiples VLAN simultaneously.

Points mimic the content and services that are relevant to their environment segments and keep an attacker inside Labyrinth until all the necessary information is gathered.


All the collected information goes to Management Console for analysis. The Console sends necessary data to Incident Response Platform.

IR checks metadata with external databases and accelerates incident response through 3rd party integrations that automate isolation, blocking, and threat hunting.


Labyrinth provokes the attacker for actions and detects suspicious activities. While an attacker proceeds through the fake aim infrastructure, the Platform captures all the hostile’s details. The security team receives information about threat sources, the tools that were used, and about exploited vulnerabilities and the attacker’s behavior.


  • Reconnaissance activities
  • Unauthorized Access Attempts
  • Vulnerabilities exploitation
  • Command and Control Attacks

Data Gathering and Analysis

  • Pattern analysis
  • Access tries
  • Behavior analysis
  • Content analysis


  • Full investigation support
  • Automatic generation of threat indicators
  • Isolation of compromised hosts
  • Report Generation

Labyrinth deception platform advantages

  • No need for infrastructure: Does not require the collection of a huge amount of data; Gathers only data related to security incidents; Zero impact on IT network recourses productivity;
  • No overwhelming alerts: Does not generate “digital noise”; Extremely low false positive rate; Provides full real-time attack visibility.
  • No deep expertise needed: Simple installation and configuration; No special skills needed to use the solution; Automated detection and response.

Subscribe to our Newsletter

You successfully subscribed!