Deploying Honeypots to Gather Actionable Threat Intelligence
Offered By: YouTube
Course Description
Overview
Explore the deployment of honeypots for gathering actionable threat intelligence in this conference talk from Circle City Con 2015. Learn about different types of honeypots, their interaction levels, and how to increase accuracy in threat intelligence collection. Discover the importance of making honeypots look legitimate, adding production value, and considerations for virtualization and cloud environments. Gain insights into market watch examples, canaries, and future developments in the field. Follow along as the speaker covers threat intelligence phases, SIEM integration, and common problems encountered when using honeypots for cybersecurity purposes.
Syllabus
Intro
Backstory
What this talk is about
DISCLAIMER
Outline
What is threat intelligence?
TI Phases
Collection
Data / Event Correlation
SIEM
How do we increase accuracy?
What's a honeypot?
Common Problems
Low Interaction Honeypots
Medium Interaction Honeypots
High Interaction Honeypots
Why High Interaction for TI?
Making It Count
They MUST look legit
Adding Production Value
HI Honeypot Considerations
Considerations With Virtualization
Cloud Considerations
Examples of Canaries
Market Watch
Recap
Conclusion
Next Development
References
People to Follow
Related Courses
Software as a ServiceUniversity of California, Berkeley via Coursera Software Defined Networking
Georgia Institute of Technology via Coursera Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Web-Technologien
openHPI Données et services numériques, dans le nuage et ailleurs
Certificat informatique et internet via France Université Numerique