Emulate various services and capture verbose data on attacks
Analysis Tools • LogRhythm Network Monitor and SIEM
Routers and Switches
High Interaction – Warning!
Document Bugging
More Tricks
Monitoring • Dedicated SOC - Security Operations Center
Enterprise Threat Intelligence
Event Correlation
Honeypot Dashboards • HoneyDrive 3 comes complete with dashboards and enhancement scripts to display interesting data.
Closing Thoughts
Works Cited & Recommended Reading • Strand, John, and Paul Asadoorian. Offensive Countermeasures: The Art of Active Defense. 2013.
Description:
Explore active defense strategies through honeypots in this 49-minute conference talk from Central Ohio Infosec 2015. Delve into traditional defensive concepts, InfoSec realities, and the importance of internal honeypots. Learn about various honeypot types, including Windows PowerShell Honeyports and Artillery Logging. Discover practical use cases, such as file integrity monitoring and learning from attackers. Examine tools like Web Labyrinth, fake login panels, and Honeybadger for emulating services and capturing attacker data. Gain insights into analysis tools, high-interaction honeypots, and enterprise threat intelligence. Explore monitoring techniques, event correlation, and honeypot dashboards. Conclude with closing thoughts and recommended reading on offensive countermeasures and active defense strategies.
Honeypots for Active Defense - A Practical Guide to Deploying Honeynets Within the Enterprise