Adrian Sanabria explains why deception is the most overlooked opportunity in security operations today. This Free Upskill Challenge provides an introduction into how honeypots and honeytokens can be used as a cheat code for detection engineering.
Price = FREE!
Get a glimpse into the devious and delightful world of defender deception. Defenders have the home court advantage but often donโt take advantage of it. Attackers gain access to an enterprise environment and find default settings, familiar architectures, and arenโt challenged or detected when pivoting through environments.
Thereโs a common phrase I find annoying: “Attackers only have to get it right once; defenders have to get it right every time.”
Not only is this sentiment untrue, itโs also demotivating and defeatist. This phrase is only correct for theย first step of the attack. Following that, the power balance flips, as the attacker is in the defenderโs house. Much like Kevin in Home Alone, thereโs no reason the attacker should have an easy time. Once in the defenderโs environment, it is the attacker that has to evade detection 100% of the time, and the defender only needs to detect the attacker once.
Whatโs an Upskill Challenge (UC)?
A UC is a CTF-style, bite-sized lesson from the JHT Team, our courseware developers as well as โfriendsโ of JHT. They are meant to be short and to the point. UCs focus on a single tool or concept and are helpful in quickly providing useful skills that might be prerequisites for other types of educational content on the platform.
A UC should be 10 โ 30 minutes of student time and have no VMs. There are quizzes to make sure that the content is understood.
Prerequisites for UC – Detection via Deception
UCs assume no knowledge at all! Theyโre meant to be completely self-contained, so all of the answers are in the lesson. No outside research is required.
