Abstract: Apparatus and method for disrupting cyber attacks. In accordance with some embodiments, the apparatus includes a network accessible device having a processor and memory, and a security system associated with the network accessible device. The security system has a security controller, a front end and a decoy environment operationally isolated from the memory of the network accessible device. The security controller is adapted to, responsive to receipt of a payload from an outside source potentially having a malicious component from an attacking party, apply a security operation to the payload comprising at least a selected one of an anti-viral scan, a blacklisting scan or a whitelisting scan. The security controller is further adapted to load the received payload into a memory of the decoy environment and detonate the loaded payload a plurality of times in succession.

Abstract: Apparatus and method for disrupting cyber attacks. In accordance with some embodiments, the apparatus includes a local computer system and an associated security system. The security system employs a decoy environment operationally isolated from the local computer system. The decoy environment operates to, responsive to receipt of a payload from an outside source, load the received payload into a memory of the decoy environment and detonate the loaded payload a plurality of times.

Abstract: Apparatus and method for disrupting cyber attacks. In accordance with some embodiments, the apparatus includes a local computer system and an associated security system. The security system employs a decoy environment operationally isolated from the local computer system. The decoy environment operates to, responsive to receipt of a payload from an outside source, load the received payload into a memory of the decoy environment and detonate the loaded payload a plurality of times.