Loading…
BSidesSF 2018 has ended
View analytic
Monday, April 16 • 11:40am - 12:10pm
Honeypots 2.0: A New ‘Twist’ on Defending Enterprise Networks with Dynamic Deception at Scale

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
The concept of honeypots and deception has been leveraged by cyber-defenders for many years. Today, though, the emergence of maturing technologies allows us to add a new twist on the classic honeypot approach. Some argue that honeypots were ahead of their time. In the past, honeypots were useful but scale was a limiting factor for the amount of benefit and return on investment achieved from their use. However, with modern technologies like virtualization, cloud computing, containers and DevOps tool chains, we can now scale honeypots to make them statistically relevant in modern large-scale enterprise networks. Furthermore, we can utilize existing programming frameworks to develop interesting types of honeypot technologies. In particular, this presentation describes the notion of dynamic deception at scale using the Python-based Twisted networking framework. The talk will provide details on honeypot essentials and how scale can be achieved with new technologies. The primary discussion will be focused on Twisted, and how it can be used to rapidly create both static and dynamic honeypots.

Presenters
avatar for Lane Thames

Lane Thames

Senior Security Researcher and Software Engineer, Tripwire
Lane Thames is a senior security researcher and software engineer with Tripwire’s Vulnerability and Exposure Research Team (VERT). As a member of VERT, Lane develops software that detects applications, devices, and operating systems along with vulnerability detection and management... Read More →



Monday April 16, 2018 11:40am - 12:10pm
City View - Presidio