“Honeytokens” – Using Honeypots to Detect Credential Compromise

Date: Thursday, August 8th at 11:00am PT / 2:00pm ET

Commonly used and highly successful credential compromise techniques like Pass-the-Hash and Pass-the-Ticket are notoriously difficult to detect amidst the noise of everyday activities within Active Directory. To an observer, they appear to be legitimate authentication events and to Active Directory, they are.

However, the use of deception methods like honeypots have proven to be particularly effective in capturing less savvy or careless attackers at a minimum, allowing security practitioners to proactively detect and thwart attempts to compromise their credentials and the resources they provide access to.

Join STEALTHbits’ VP of Product Strategy, Rod Simmons, for an informative tutorial on sophisticated credential attack techniques and how the use of honeypots can be employed to definitively detect attempts to compromise Active Directory credentials.

During this 60 min session, we’ll review:

  • How do these attacks really work?
  • Why are they so difficult to detect?
  • How can techniques like “Honey Tokens” help identify nefarious authentication behavior?

Register now!

Your e-mail address is used to communicate with you about your registration, related products and services, and offers from select vendors. Refer to our Privacy Policy for additional information.