Automating Honeypot Deployment with Docker and Ansible

Thursday, April 12 | 8:00AM–9:00AM ET | Baltimore Ballroom A, Fifth Floor
Session Type: Breakout Session
Delivery Format: Interactive Presentation
Many organizations currently deploy honeypots within their networks for threat identification. However, the process of deploying numerous honeypots across a network can require a significant amount of setup and configuration. We will present a method for dynamically and automatically deploying honeypots using Docker and Ansible, as well as deployment techniques for several popular cloud providers. Along with rapid honeypot deployment, we will introduce methods for sharing honeypot-related threat intelligence between universities and organizations. By leveraging these new projects, organizations can more effectively build or grow their honeypot environments and contribute the gathered intelligence back to the higher ed community.

Outcomes: Learn new methods for automated honeypot deployment using Docker * Explore techniques for creating a constantly changing honeypot environment to evade detection by attackers * Discuss how these systems can be leveraged for better threat intelligence sharing


  • Christopher Collins

    Sr. Automation Engineer, Duke University
  • Alex Merck

    Senior Analyst, Duke University