What is honeypoint™?
Not Just A Honeypot, But A Suite Of Tools Designed For Nuance Detection And Deception...
Honeypot Services Emulation
Mock Web Applications
Trojanized Documents & Login Accounts
Self-Tuning Application White Listing & Anomaly Detection for Windows
WiFi Access Point Monitoring
Handler For User-Created Custom Detection Scripts & Tools
Deploy & Forget Architecture
No signatures to update and no false positives means you have more time and less to worry about. HoneyPoint's anomaly detection and intruder deception capabilities are silent until triggered by suspicious or malicious activity. That means less ongoing work for your team and high trust that when HoneyPoint alerts you - something unexpected has happened!
Easy Integration With SIEM & Monitoring Tools
If your team just wants a basic implementation, you can monitor your HoneyPoints from our Console application. But, if you've already invested in log monitoring tools, SIEM or other alerting and analysis platforms, we can simply route the HoneyPoint data to those instead. You get all the safety and security of HoneyPoint with the convenience of your SIEM.
Patented Defensive Fuzzing Capability
If your organization's maturity and needs go beyond just detection and capture of customized threat intelligence from your environment, you can enable HoneyPoint in self defense mode. Once enabled and configured, HoneyPoint will begin using a patented fuzzing technique to tamper with and crash attacker tools and malware spreading in the environment. This unique capability gives defenders more time to respond and reduces the impacts of attacks against your critical infrastructure.
Completely Customizable Service & Application Emulations
Your network is your castle, and deception technology should look and feel like home. With HoneyPoint, we can create completely customized emulations of nearly any network service or application instance. It's trivial to edit banners, responses and other nuances of the honeypots to make them look and feel just like an attacker would expect. You can also easily create services to confuse and confound attackers and malware, keeping them tied up and busy while buying your team more time to take action.
HoneyPoint Use Cases
Network Detection & Deception
Dropping HoneyPoints throughout your enterpise makes for a fantastic honeypot and deception-based detection strategy. Attackers don't know what's real and what's not, so leverage your homefield advantage by giving them interesting things to poke at. Every interaction, scan and probe is an opportunity for your team to detect, analyze and respond to their assault.
Jumphost & Critical Server Monitoring
Some systems are just more valuable than others, and for those critical components, HoneyPoint offers on-host deception software and even application white listing and anomaly detection that is completely self-tuning. In addition, surrounding these critical systems with HoneyPoints to act as decoys often lures attackers away from the real deal, and right into the trap.
DNS Sinkhole & IOC Capture
Does your organization have the maturity to handle quickly mitigating known compromised systems? Do you want to gather deeper IOCs for further analysis and threat hunting? Then this implementation is for you. Tune your internal DNS server to send all known blacklist and threat traffic to a HoneyPoint decoy. The HoneyPoint will provide a list of these compromised devices in real time AND give your team insights into EXACTLY what communications patterns and data the illicit activity was utilizing. HoneyPoint amplifies your ability to quickly hunt for and stop malware outbreaks, ransomeware attacks and other dangerous activity in your environment.
Distributed Custom Threat Intelligence
Are you ready to move beyond using public blacklists and IOCs? Do you need more specificly actionable and highly targeted threat intelligence that matters to your networks, applications and sites? Do you want to lead your industry and know exactly what threats apply to your unique hardware/software footprint? If so, then HoneyPoint can help. You can set up entire honeynets and other custom and tactically configured deployments to gather the specific threat data you want and need. Move beyond IOCs to get to the bleeding edge TTPs and threat actors that are targeting YOU. MSI and HoneyPoint can get you there - we've been doing it for more than a decade!
HoneyPoint deployment methods
HoneyPoint Decoy Appliance
Our HoneyPoint appliance comes in a variety of form factors (physical and virtual), but all feature a hardened OS and our patented detection and deception tools.
HoneyPoint Security Server Software
Get HoneyPoint closer to your data by deploying our whitelisting and deception tools right on your existing ystems. The more you scatter, the more you see...
HoneyPoint In The Cloud
Want a zero hardware and software deployment? Need detection and deception in the cloud? No problem, we got you covered. We have solutions for you.
With HoneyPoint, attackers get stung, instead of you! -- Brent Huston