1. As a first measure, Ridgeback comingles all the live resources on your network with what appear to be billions of available IT resources – hardware, services, network resources etc. – but are in fact all illusions created by Ridgeback i.e. phantoms.
2. When a compromised device on your network (a resource infected with malware or under the control of an adversary) attempts to map the network, to move laterally or to propagate malicious code, contact with a Ridgeback phantom is a sure thing.
3. Next, if an endpoint in your network is trying to scan, connect with or engage resources that exist only as Ridgeback inventions…Ridgeback acts back, instantly, with counter-measures rendering that endpoint useless to the adversary.
To use military language, the attack surface is altered, expanded billions-fold, to make the attacker’s job impossible. The exploit is arrested and you stay in control of your systems.