3Hunters Logo
Lines open M to F from 9am to 6pm

What is a honeyspot in cyber security? We hear it often in our interviews

What is a honeyspot in cyber security? We hear it often in our interviews

It's a common term in Cyber Security jargon, and we hear it a lot in our interviews with senior candidates.

Literally it means "Honey Jar" but what does it mean in computer security?

When an attacker connects to a service and tries to penetrate it, the program simulates the security hole but does not actually gain control of the system. By logging the attacker's activity, this system collects information about the type of attack used, as well as the attacker's IP address, among other things.

  • Honeynet Project is a research project that deploys networks of honeypot systems(HoneyNets) to gather information about the tools, tactics and motives of cybercriminals.
  • PenTBox Security Suite is a project that develops a Computer Security Suite. Among the programs that comprise it is available a configurable Honeypot of low interaction.

Different types of HoneyPots

Email traps or spam traps place a fake email address in a hidden location where only an automated address collector will be able to find it. Since the address is only used as a spam trap, there is a 100% certainty that any email arriving at it will be spam. All messages with the same content as those sent to the spam trap are automatically blocked and the source IP address of the senders is added to a blacklist.

A decoy database can be set up to monitor software vulnerabilities and detect attacks that breach the security of the system architecture or use methods such as SQL injection, SQL services security vulnerability or privilege abuse.

A malware honeypot mimics software applications and APIs to induce malware attacks. The malware characteristics are then analyzed to develop anti-malware software or to resolve vulnerabilities in the API.

The goal of a spider honeypot is to trap web crawlers (web indicators) by creating web pages and links that only crawlers can access. Detecting crawlers can help you learn how to block malicious bots as well as ad network crawlers.

In 3 Hunters we have a very solid experience to recruit these profiles that will help your company to navigate the waters and have a competitive advantage, if we think it is expensive to have a person, think how expensive it would be to lose control of our systems and that such information is circling the web, so this is an excellent investment indeed.