To catch real attackers - you do need real equipment!
Each of our Honepot collectors/sinkhole are medium/high interaction devices - We can provide data access in several ways:
- Via downloadable files (CVS, JSON or custom made based on your requirements)
MISP and STIX/TAXII services will be provided in Q2 - 2018
Some user cases;
I'm a National CERT - I would like to know who's attacking infrastructure located in my country.
I'm a National CERT - I would like to know who's attacking others from IP addresses located in my country.
I'm a Security company, who provides "Early Breach warning" to my clients.
- We can provide attack data from our global deployed network - then you can compare that data with your clients IP adresses and alert them whenever a device from them attacks our honeypots.
I'm a Security company, who research in new ICS/SCADA and IOT threats.
- Cool, we can assist ! e.g. by providing you access to different types of log files and PCAP (including SCADA trends and malicious IOT C&C infrastructure)
I do need to build a in-house early warning system with Honeypots - what to do ?
- We can provide expert education within the whole lifecycle; planning, building, deployment and practical usage of Honeypot as Early warning detection and prevention.