Honeypots: A Guide To Increasing Security

Honeypots: A Guide To Increasing Security
Honeypots are not a new idea. They have been part of the cybersecurity world for decades and have frequently gone in and out of “fashion” over that period. Recently, though, they have become an increasingly important part of vulnerability management.That’s for a couple of reasons. Honeypots offer real-world data on the types of threats that companies face, and they can be a powerful research tool in identifying specific threat vectors. In a context where just 12% of ICS security pros are sure their firms can respond to digital attacks, identifying these specific vectors allows companies to dedicate resources to defeating the most dangerous threats they face.Honeypots have also risen in popularity due to a simultaneous rise in adversarial cybersecurity techniques such as penetration testing. Rather than relying on general, passive protection systems, network administrators are now looking to test their cybersecurity in real-life, dynamic situations. Honeypots can be a very effective tool in these situations.The Basics of HoneypotsA honeypot is essentially a “fake” system that looks like a real one. The basic idea is that a hacker will deploy their attack against the fake honeypot rather than real systems. If this happens, the company which has deployed the honeypot can gain insight into the types of tools, tactics, and procedures that are used by the hacker and maybe even gain advanced warning of an attack on their real systems.Beyond this basic description, honeypots vary widely. In fact, a honeypot is more of a general technique than a specific tool. As honeypots guide increasing security