|
|
|
|
|
|
by goblin89
3482 days ago
|
|
|
This is great for a simple setup. Obviously there’s no reason not to extend this beyond AWS— * Login credentials: feed in response to detected phishing emails * SSH keys: have SSH trigger an alert if certain keys log in * Database entries: filter out the special ones in legitimate queries The pain, at least for a small organization, is in managing: reacting appropriately to alerts, ensuring honeytokens are properly rotated. |
|
|