A honeypot is a 'a container in which honey is kept'. Honeypots should be left for honey! Rule #1: Don’t Call cyber deception "Honeypots" The term "honeypot" carries negative connotations that can hinder leadership buy-in and jeopardize your cyber deception project before it even starts. There are two primary concerns: Attracting Unwanted Threats – The misconception that honeypots invite cybercriminal activity, increasing the risk of attackers breaching containment and infil
Microsoft Sentinel Overview SIEM, or Security Information and Event Management, is a security solution that helps organizations identify and respond to potential security threats by collecting, analyzing, and correlating security events and data from various sources. Sentinel is Microsoft SIEM product. Comparable products to Sentinel include: Splunk Elastic CrowdStrike Falcon scale Google SecOps Cortex XSIAM One of the things that is important for SIEMs to be successful is t
Incident Response Phases: P.I.C.E.R.L for DoS and DDoS attacks Incident response follows the P.I.C.E.R.L framework: Planning, Identification, Containment, Eradication, Recovery, and Lessons Learned. DoS/DDoS - Planning Phase Identify publicly available servers, systems, and resources susceptible to DDoS attacks. Understand potential DDoS traffic sources and data flow to public-facing infrastructure. Assess protection mechanisms within the data path, including: Internet access
