Skip to main content

Posts

Showing posts from February, 2024

Bring Back the Honeypots

  "Honeypots were all the rage in the 90's - A raft of tools (and even a world-wide alliance) sprung up extolling their virtues but they never managed to live up to their hype. They were largely relegated to researchers and tinkerers on the fringes. At the same time, we have the Verizon DBIR telling us that most companies are first informed by 3rd parties that they are breached. This is a stupid situation to be in.  Well deployed honeypots can be invaluable tools in the defenders arsenal, and don't need to look anything like the honeypots of old. From application layer man-traps, to booby-trapped documents. From network-level deception, to cloud based honeypottery, we are bringing honeypots back!  During this talk, we will discuss and demonstrate the current state of the art regarding honeypots. We will explore the factors that limit adoption (and will discuss how to overcome them.) We will demonstrate new techniques to make your honeypots more "hacker-discoverable&qu