header-stad-home-deepbluesecurity

Honeytrap

What is a trap?

A trap (also known as a Honeytoken) is data that looks interesting to an attacker but in reality is not. For example, you can think of a Word document or Excel file that contains financial data or passwords.

As soon as a hacker obtains such a document and opens it, you will receive a notification. A trap can thus be used as a detection tool to detect advanced cyberattacks.

The product is comparable to a DeepBlue Honeypot. Where a honeypot appears as a legitimate device in your corporate network, a trap looks like a legitimate document.

How does a trap work?

You upload a document of your choice to our Raven platform. The platform then provides the document with an invisible trap. You then place the file in your network, for example in your documents folder or in a Microsoft Teams folder. As soon as someone opens the file, you will be notified via our Raven platform.

The operation is similar to a tracking pixel, but our traps provide more information about the attacker, for example where it comes from. Also, the original location of the trap indicates which systems the hacker may have access to. This can help you in quick incident response because you can specifically block or change accounts.

Our platform offers support for different types of traps. In addition to documents, you can also think of login data or easy-to-crack passwords for certain user accounts. As soon as an attacker tries to log in with this information, you will receive a notification.

How are traps used?

By spreading different traps in your network, you increase the chance of detection. As soon as someone opens or uses one of the traps you will be notified immediately (in real-time).

Traps should be distributed among your critical network assets. Think, for example, of your email environment or critical servers within your company where, for example, intellectual property is recorded.

DeepBlue Raven Logo_Final file

 It is possible to distribute documents prefabricated by us in your network, in addition it is possible to upload your own document and provide it with a trap. Think, for example, of annual reports with a different year, Excel files with passwords that are incorrect and so on.

Through our platform you can generate and activate an unlimited number of traps for a fixed fee. This is important because this way you can distinguish the different traps from each other. After all, you want to know specifically which document has been opened so that it is possible to trace back exactly where a possible hack took place.

header-stad-home-deepbluesecurity

This website uses cookies

We use cookies to improve your experience. Read more

Close