Open-Source Tool Aimed At Propelling Honeypots Into the Mainstream by Kelly Jackson Higgins.
From the post:
Researchers have built a free open-source honeypot software program aimed at propelling the hacker decoys into security weapons for everyday organizations.
The Modern Honey Network (MHN) software, created by the Google Ventures-backed startup ThreatStream, automates much of the process of setting up and monitoring honeypots, as well as gleaning threat intelligence from them. An API allows it to integrate with IDSes, IPSes, application-layer firewalls, SIEM, and other security tools to set up defenses against attacks it detects.
Honeypots — basically lures posing as machines that let organizations gather intelligence and study the behaviors of attackers — long have been a popular and valuable tool for security researchers. There are plenty of open-source honeypot tools available today, but the high maintenance and complexity of deploying and running these lures have made them unrealistic security options for most businesses.
“Honeypots have never truly taken off in the enterprise,” says Greg Martin, CEO of ThreatStream, which provides a software-as-a-service threat intelligence system for large organizations like Northrop Grumman and SAIC. The goal of MHN is to simplify honeypot deployment and ultimately to make these tools a mainstream, inherent part of the security arsenal for companies in various industries.
…
MHN, meanwhile, can be used with a little crowdsourcing, too. “We’ve created a public server that pulls together intelligence [the systems gather], and you have the option to crowdsource the information,” Martin says. ThreatStream ultimately plans to share attack trends publicly: which countries are hosting the attacks and where DDoS attacks are occurring, for instance. “You can create a huge cyber weather map.”
The free honeypot tool is available here for download.
Hackers have already learned the lesson that shared information floats all attackers higher. Perhaps cyberdefense is taking a step in that direction with Modern Honey Network (MHN).
Collecting data is the first step towards authoring a topic map. What additional information would you want to collect in connection with that from MHN?