Honeypots for Easy Threat-Intelligence Wins

Wednesday, May 03 | 10:20AM–11:20AM | Pomeroy, Third Floor
Session Type: Breakout Session
Delivery Format: Concurrent Session
Are you drowning in alert data from your devices? Don't know where to start winnowing down the deluge of potential attacks to find the important threats? Deploying a network of honeypot devices and integrating them into your existing processes can help security teams identify and understand which attacks deserve attention and develop indicators for identifying locally compromised hosts. We'll introduce the Modern Honey Network and showcase an architecture and set of processes to help get the most utility from this open-source project. This is a topic specific/intermediate level session.

Outcomes: Educate attendees on honeypot terminology and a taxonomy of honeypots * Explore operational applications of honeypot data and architectural considerations * Provide perspective on honeypot networks from multiyear deployment


  • Nick Tripp

    CISO, Duke University

Resources & Downloads

  • Honeypots for Easy Threat Intelligence Wins_slides

    1 MB, pdf - Updated on 1/26/2024