Introduction

What?

Choices developers, system administrators, researchers, and threat hunters face:

1. Which honeypots, honeyclients and honeyports?

2. Which tools to integrate with?

3. What kind of attacks to capture?

4. What vulnerabilities to emit?

5. How hard must it be to detect it?

Why?

Wrong design decisions may result in collecting irrelevant information or even exposing the deception technology itself.

How?

• Tactics

• Taxonomies

• Roadmaps

• Detecting honeypots

• Avoiding honeypot detection

• Honeyports

• Honeyclients