>> "Another element of a honeytoken's value is their flexibility. You are really only limited by your imagination. As we have demonstrated in the section above, honeytokens excel as a detection mechanism. However, honeytokens can do so much more. Not only can they detect an..."
Selection of a honeytoken, while apparently a useful tool, is not trivial. For example, an IDS seeing the honeytoken on the wire is not adequate to determine a security violation. Suppose that the executive is actually reading her email.
It sounds like a good idea, but while only limited to your imagination, it is also limited by the ability to determine context of the use of the honeytoken.
If no one else has done it yet, this is an early step in the process to making something in the OSS world.
What can follow is that others see what was done, if it works, it's used, if it doesn't someone rewrites it so it does work. This brings it closer to being the piece of software it needs to be to serve the intended purpose.
Debugging is part of this reworking. I don't know if this debugging is any quicker than closed source projects, but it's being done by folks who need the functionality in something they are doing.
Slashdot Mirror
>> "Another element of a honeytoken's value is their flexibility. You are really only limited by your imagination. As we have demonstrated in the section above, honeytokens excel as a detection mechanism. However, honeytokens can do so much more. Not only can they detect an..."
Selection of a honeytoken, while apparently a useful tool, is not trivial. For example, an IDS seeing the honeytoken on the wire is not adequate to determine a security violation. Suppose that the executive is actually reading her email. It sounds like a good idea, but while only limited to your imagination, it is also limited by the ability to determine context of the use of the honeytoken.
If no one else has done it yet, this is an early step in the process to making something in the OSS world.
What can follow is that others see what was done, if it works, it's used, if it doesn't someone rewrites it so it does work. This brings it closer to being the piece of software it needs to be to serve the intended purpose.
Debugging is part of this reworking. I don't know if this debugging is any quicker than closed source projects, but it's being done by folks who need the functionality in something they are doing.