Good attacks make good detections make good attacks make.. – The making of a MySQL Canarytoken
Honey tokens are definitely an extremely interesting topic and can drive great conversations and ideas; however, the main failure here is two fold, applying them to large segments of your network (or even your golden image) as well as properly documenting everything and providing the details to the appropriate people, like your forensics or SOC people.
This can do all the good in the world but those failures will trip you up every time… in some cases will lead to the wrong conclusions or even have cases thrown out.
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Username or Email Address