In cybersecurity, we spend a lot of time focusing on preventative controls — patching vulnerabilities, implementing secure configurations, and performing other “best practices” to mitigate risk to our organizations. These are great and necessary, but something should be said about getting an up close and personal look at real-world malicious activities and adversarial behavior.
One of the best ways to do that is to use honeypots. The National Institute of Standards and Technology (NIST) defines honeypots as: “A system or system resource that is designed to be attractive to potential crackers and intruders, like honey is attractive to bears.” It’s an amusing — and appropriate — coincidence that many advanced persistent threat groups have the word “bear” in their names.
Honeypots typically refer to entire systems or environments. Honeytokens, on the other hand, are often specific files, data, and other objects that are used similarly, serving as decoys to entice malicious actors and gain valuable information about them. That said, for this article, and to avoid granular distinctions, we’ll broadly use the term honeypots.