Active Defense Through Deceptive Configuration Techniques

by Nathaniel Quist
Sept. 1, 2017 1 comment SANS Institute Management active defense

Honeypots are making a profound impact in the security world. Their ability to infer information about an attacker’s Tactics, Techniques, and Procedures (TTPs), allow defenders to configure their defenses to respond to emerging threats, capture 0-Day exploits, and identify malicious users within a network.

https://www.sans.org/reading-room/whitepapers/activedefense/active-defense-deceptive-configuratio...

Avatar
Irina Alexandra Negrii 4 months ago

This system implements a visual service of Honeypot as bait, analyses
intrusion data and extracts new features and rules to enlarge the intrusion detection system feature library

Reply