In another article we explained how we managed to provide fully interactive yet completely secure Honeypots.
This innovation comes with many other advantages over previous solutions to detect and deceive cyber threats.
Brief explanation
Our honeypots are ephemeral Virtual Machines that appear to be inside your network thanks to the one-way encrypted tunnel that connects them to the simple and secure appliance in your possession.
All the heavy lifting is done inside our Cloud Environment by the Orchestrator. This approach allows the device to be an immutable appliance simply acting as a one-way invisible gate.
We centralize all the management, this allows us to host and control your and the other clients' Honeypot in a systematic and easy way, as well as to have the necessary resources in one place, optimized to deliver the best performance but not more.
The monitoring service is also centralized, and since Honeypots rarely trigger events (only in cases of real cyber threats), the required manpower is minimal.
Cost Reduction
Economies of scale cut the costs down, no other solution can nearly compete with our prices by a long shot.
While there are certainly cheaper solutions, they are either less effective (low-interaction) or less secure, and therefore far more expensive to maintain.
Multiple Templates
Your small appliance requests "an Honeypot", it doesn't specify which one.
Through the Dashboard panel you are able to specify which Template you want it to be. Now it could pose as a Backup Server, and in less than 30 seconds it could turn into a Printer.
The Template creation is up to us, and almost all templates are accessible for all customers. You can also spoof the MAC Address of the appliance to make it look indistinguishable.
You will always have the latest version of our service.
Plug&Play complexity
The appliance is pre-configured and auto-initialized.
All you have to do is connect the power and Ethernet cables to it. That's it, the whole power of our infrastructure is at your service, ready to detect and deceive threats.
There's no need to change the network configuration.
Initialization script
Given that our Honeypots are ephemeral VMs and disposable by design, you can customize them with a shell script freely.
This means you can populate your honeypots with custom services, real employee accounts (fake passwords, please!) add mock files and much more!
Some good faith rules apply, for example no crypto mining or using them them as VPN nodes.
Connect to any SIEM
With the same script you can forward the Honeypot logs and events to your SIEM of choice to let your SOC detect threats from their preferred platform. This alone is a premium feature worth hundreds or thousands of dollars from competitors that we include in every plan at no additional cost.