Honeypots, Deception, and Frankenstein

Presented at CarolinaCon 14 (2018), April 13, 2018, 8 p.m. (60 minutes)

This talk will provide a quick overview honeypots, an explanation of the cyber deception space, and the benefits of implementing deception as part of your cyber defense program. In addition, this talk will highlight the HoneyDB project, which enables anyone to get started with operating deception sensors and start collecting threat information. Finally, this presentation will describe how I built scalable honeypot sensor collection, employing a "Frankenstein Cloud Architecture", for minimal cost. Note, I did present (30 mins) last year, however this talk will contain new material, and will provide an update on the projects I presented last year. A summary of how things have gone, and where they are going. I received a great response from last year's talk, so I hope to keep the community talking, learning, and involved in the topics/projects on honeypots & cyber deception.

Presenters:

• Phillip Maddux
  Phillip Maddux is a Senior Solutions Engineer at Signal Sciences and has over 10 years of experience in information security, with the majority of that time focused on application security in the financial services sector. In his spare moments he's a honeypot enthusiast and enjoys converting ideas to code and committing them to Github.

Links:

• https://infocon.org/cons/CarolinaCon/CarolinaCon 14 2018/Honeypots, Deception, and Frankenstein (by Phillip Maddux).mp4
• https://infocon.org/cons/CarolinaCon/CarolinaCon 14 2018/Honeypots, Deception, and Frankenstein (by Phillip Maddux).eng.srt (subtitles)
• https://www.youtube.com/watch?v=k81xKjCEeqE

Similar Presentations:

• Black Hat USA 2014 / The Devil Does Not Exist - The Role of Deception in Cyber
• Black Hat USA 2018 / Real Eyes, Realize, Real Lies: Beating Deception Technologies
• ShmooCon XI (2015) / Deception for the Cyber Defender: To Err is Human; to Deceive, Divine