In cybersecurity, we spend a variety of time specializing in preventative controls — patching vulnerabilities, implementing safe configurations, and performing different “finest practices” to mitigate threat to our organizations. These are nice and crucial, however one thing should be mentioned about getting an up shut and private have a look at real-world malicious actions and adversarial habits.
Among the best methods to do that is to make use of honeypots. The Nationwide Institute of Requirements and Know-how (NIST) defines honeypots as: “A system or system useful resource that’s designed to be engaging to potential crackers and intruders, like honey is engaging to bears.” It’s an amusing — and applicable — coincidence that many superior persistent risk teams have the phrase “bear” of their names.
Honeypots usually check with complete techniques or environments. Honeytokens, however, are sometimes particular information, knowledge, and different objects which are used equally, serving as decoys to entice malicious actors and achieve worthwhile details about them. That mentioned, for this text, and to keep away from granular variations, we’ll broadly use the time period honeypots.
