To catch real attackers - you do need real equipment!
Each of our Honepot collectors/sinkhole are medium/high interaction devices (simulating the behavior of a real device), to keep the attacker busy - while every action are documented.
The honeypot network enable us to collect and share much knowledge on to determine the patterns and behaviors of the intruders, their tactics, techniques, and procedures (TTP).
ICS/SCADA Feeds: We have deployed the industry’s most extensive Honeypot support of ICS/SCADA-specific protocols including;
- S7 (Siemens)
More ICS/SCADA-specific protocols to come; IEC-60870-5-104 (IEC-104),Smartmeter, IEC 60870-6 (ICCP), OPC, Profinet
IOT Feeds: We have deployed a large number of devices to detect attacks on IOT equipment (Digital Video Recorders (DVRs) and CCTV cameras, Routers and other IOT equipment).
- IOT-related protocols