It's a common term in Cyber Security jargon, and we hear it a lot in our interviews with senior candidates.
Literally it means "Honey Jar" but what does it mean in computer security?
When an attacker connects to a service and tries to penetrate it, the program simulates the security hole but does not actually gain control of the system. By logging the attacker's activity, this system collects information about the type of attack used, as well as the attacker's IP address, among other things.
Different types of HoneyPots
Email traps or spam traps place a fake email address in a hidden location where only an automated address collector will be able to find it. Since the address is only used as a spam trap, there is a 100% certainty that any email arriving at it will be spam. All messages with the same content as those sent to the spam trap are automatically blocked and the source IP address of the senders is added to a blacklist.
A decoy database can be set up to monitor software vulnerabilities and detect attacks that breach the security of the system architecture or use methods such as SQL injection, SQL services security vulnerability or privilege abuse.
A malware honeypot mimics software applications and APIs to induce malware attacks. The malware characteristics are then analyzed to develop anti-malware software or to resolve vulnerabilities in the API.
The goal of a spider honeypot is to trap web crawlers (web indicators) by creating web pages and links that only crawlers can access. Detecting crawlers can help you learn how to block malicious bots as well as ad network crawlers.
In 3 Hunters we have a very solid experience to recruit these profiles that will help your company to navigate the waters and have a competitive advantage, if we think it is expensive to have a person, think how expensive it would be to lose control of our systems and that such information is circling the web, so this is an excellent investment indeed.