What is a Honeypot in Cybersecurity?

17.07.2020 Read
What is a Honeypot in Cybersecurity?

Honeypot might remind you of Mata Hari style spies, shocking plot twists and intriguing schemes but in the cybersecurity context, it has a whole different meaning. Keep reading to learn what it is!

For the las few years, a more proactive approach to cyber security has been on the rise. Instead of waiting for the next cyber attack to happen, many organizations prefer taking things in hand. They actively look out for the vulnerable spots on the façade of their cyber security organization and carry out pen testing, vulnerability assessment and such procedures. Being one of the rather more banzai strategies of cyber security, honeypot aims to provide an additional layer of security. In this article, we will discuss what honeypot is in detail and how it can be very beneficial for your organization.

What is a honeypot?

In computer terminology, the term honeypot refers to a security structure or mechanism that is built to deflect the attackers. In other words, a honeypot is there to distract the attackers from valuable assets of the organization.

Honeypot can be defined as a system that is attached to the network. It is set up to be a decoy. It lures the hackers and wastes their time as they try to gain unauthorized access to the network or systems of the organization.

Although honeypots have gained a significant interaction in the last few years, it must be noted that they have been around for quite some time. In fact, honeypots can be considered as one of the oldest security measures in the cyber security discipline.

One of the cybersecurity giants, Norton defines a honeypot as follows: "A honeypot is a computer or computer system intended to mimic likely targets of cyber attacks." This straightforward definition might give a sense of safety and confidence but inviting hackers onto your network and systems is a very, very precarious sport. You must be alert at all times, even if the honeypot you lure the hackers into is an isolated system.

What are the different types of honeypots?

There are various different types of honeypots that can answer the needs of your organization. These different types can be categorized based on how they are built and what purpose they serve.

Based on how they are built, there are three different kinds of honeypots:

Low-interaction honeypot: This type of honeypots is very easy to construct but it might look “phony” to a hacker. It runs a narrow set of services that exemplify the most prevalent attack vectors.

High-interaction honeypot: This type of honeypots employs virtual machines to ensure that potentially compromised systems are isolated.

Pure honeypot: This kind of honeypots is very time consuming and difficult to both build and manage but they are very authentic targets.

Based on their purpose, there are two categories of honeypots: Research honeypots and production honeypots.

If you are looking for efficient and fool-proof ways to keep your organization safe, take a closer look at our SOAR and SIEM solutions.

A vast library of integrations and free services on demand
See All Integrations
See Logsign Unified SO Platform in action!
Watch Demo