3 comments

[ 2.5 ms ] story [ 17.7 ms ] thread
Any questions, we'd be happy to answer
How is cyber-deception different from regular honeypots?
There are two main advancements beyond "classic" honeypots:

1. Honeypots are easy to fingerprint (see our blackhat talk, https://www.youtube.com/watch?v=Pjvr25lMKSY )

2. Most honeypots just "sit on the network", waiting to be scanned. By using breadcrumbs (AKA honeytokens) as part of deception stories you're actively hunting the attackers in the network, by influencing their decision process.