Intrusion Detection Honeypots: Detection through Deception

Chris Sanders will change your mind about adversary detection.- If you think honeypots are not for you, read this book- If you think your company is not ready for honeypots, read this book- If you want to effectively and simply detect if adversaries are dwelling in your network (and have fun with it), read this book.The core of the book is to provide step-by-step tutorials to setup your own detection mechanisms, from start to finish. What I particularly appreciated is the highlight put in the monitoring aspects, which is often the forgotten part despite being essential. Here, you will get ready-to-use Sigma rules written by the author and that you can download from his website.The book does a great job at covering the different uses of deception as a detection mechanism, from honey services to honey credentials, and gives you food for thought with anecdotes and real-life examples. Some clever ideas made me smile, such as how a standard DHCP server can be used as an unauthorized devices detection mechanism. After these you'll start getting your own ideas which will help raise the bar of cybersecurity.About 230 pages written in a concise, easy to read and efficient way.

Really enjoyed reading this book about honeypots! It builds a strong case for using honeypots and has great examples and information on how to implement them. There are also great recommendations for where to learn more and how to go beyond what is presented in the book. Chris also has a great sense of humor and this books was surprisingly hard to put down! Really fun to read and excited to put this information to use!

This book has a nice range of coverage of the topic of honeypots. There are some really fun things to try in there and a lot of excellent information on what you need to watch out for on your installations.

Good book to install security on your system.

Great read, I would recommend this book to anyone interested to protecting their organization or home network.

Great book, serious lack of honey though.

Chris is awesome- and his past work PPA 1-3 is outstanding, yet I was disappointed in this endeavor. Although the book is okay.. IMHO- it provides a great entry point for a novice Cybersec person- is a very high level and not like the rest of Sander's work; which normally does a deep technical dive. If you are looking for a good high level overview of honeypots..then okay; but if you are looking for more a deeper dive technically, architecturally, and operational - this book does not get that deep.

Exactly as described. Thank you.

This took me FAR longer to finish reading than I expected it to, after eagerly awaiting delivery of my pre-order.And I FLEW through the first ~25% of the book, until Chris started to introduce problems in the material. What were these problems you ask? Trigger my inner geek and making me want to try a different t project with every topic discussed.This DEFINITELY got my creative juices flowing. Despite me thinking I knew deception tech, having run honeypots for over a decade, and been up on stage many times evangelising the benefits I learnt lots, from Chris’ writings, have a backlog of projects I want to sink my teeth into, and suspect I’ll be keeping this time near by as a handy reference for some time to come.

One of the things I really enjoyed about this book wasn't just the fact that it is highly practical in explaining the various different honey services you can implement, but it also goes into why they are important, and presents a high level framework that can be used for a lot of other deception based detection.Highly recommend it for anyone trying this stuff out for the first time, or for people who have experience with deception based detection but want to level up and formalize it.

If you are interested in security, this book is for you. Most of the time honeypots effectiveness is underestimated.This book is full of nice suggestions on how you can Deploy honeypots to detect intrusion in an effective way.

This book by Chris Sanders is a modern and practical approach to the use of honeypots as a measure of detecting intruders. It is very well written and even a beginner like myself can follow up on the principles, techniques and frameworks. It helped me a lot to understand how honeypots work, what apsects need to be considered for planning their deployment and how they should be used for maximum efficiency.10/10 would buy again!

Finally a book with a modern take on using honeypots and other deception techniques for detection in an enterprise setting.