It is a common term in Cyber Security jargon, in our interviews with senior candidates we hear it very often.
Literally it means “Honey Jar” but what does it mean in computer security?
When an attacker connects to a service and tries to penetrate it, the program simulates the security hole but does not really allow him to gain control of the system. By recording the attacker’s activity, this system collects information about the type of attack used, as well as the attacker’s IP address, among other things. [
The Honeynet Project is a research project that deploys networks of honeypot systems (HoneyNets) to collect information on the tools, tactics and motives of computer criminals.
PenTBox Security Suite is a project that develops a Computer Security Suite. Within the programs that comprise it, a configurable, low-interaction Honeypot is available.
Different types of HoneyPots
Email traps or spam traps put a fake email address in a hidden place where only an automated address collector will be able to find it. As the address is only used as a spam trap, there is 100% certainty that any email that reaches it will be spam. All messages with the same content as those sent to the spam trap are automatically blocked and the originating IP address of the senders is added to a blacklist.
A decoy database can be established to monitor software vulnerabilities and detect attacks that breach the security of the system architecture or that use methods such as SQL injection, SQL services security vulnerability, or privilege abuse.
A malware honeypot mimics software applications and APIs to induce malware attacks. Then, the characteristics of the malware are analyzed to develop antimalware software or to resolve vulnerabilities in the API.
The goal of a spider honeypot is to catch web crawlers (web indexers) by creating web pages and links that only crawlers can access. Tracker detection can help you learn how to block malicious bots as well as ad network trackers.
In 3 Hunters we have a very solid experience to recruit these profiles that will help your company to navigate the waters and have a competitive advantage, if we believe that it is expensive to have a person, we think how expensive it would be to lose control of our systems and that said Information is floating around the web, so this is an excellent investment actually.