ReCover™
IT Heterogeneity for Production Traffic — Coming Soon
ReCover is Curtail's production counterpart to ReGrade. While ReGrade uses NCAST to catch behavioral regressions before deployment, ReCover applies the same technology to live production traffic — monitoring in real time, detecting anomalies, and diverting attacker sessions to honeypots. Together, they form a complete behavioral security lifecycle from development through production. Currently in development.
Features
Attacker Session Hijacking
Detect malicious sessions in real time and silently redirect them to honeypots. Attackers think they're in your system — but they're in a sandbox you control.
Software Heterogeneity
Build parallel traffic paths so no single point of failure can take you down. ReCover creates the IT heterogeneity that critical infrastructure demands — separate systems, separate attack surfaces.
Live Traffic Analysis
NCAST compares production traffic against known-good baselines in real time, identifying behavioral anomalies the moment they appear — whether from bad deployments or active attacks.
Automatic Traffic Diversion
When anomalies are detected, ReCover redirects traffic to healthy instances or honeypots without user impact. No manual intervention, no downtime.
Use Cases
Honeypot Deception
Redirect attacker traffic to decoy environments that look real, wasting their time and collecting intelligence while your production systems stay safe.
Cyber Resilience
Build parallel infrastructure so the next CrowdStrike-scale event doesn't ground your fleet or freeze your operations. ReCover creates redundant traffic paths with separate attack surfaces.
Supply Chain Protection
Monitor third-party updates against live traffic and divert if a compromised dependency starts behaving differently than expected.
Zero-Day Containment
Detect exploitation attempts in real time and isolate attacker sessions before they can move laterally through your infrastructure.