Honeypots are computers or other resources left as bait for attackers.
Honeypots appear to be a functioning, conventional resource on a target network. However, honeypots are isolated from the sensitive network infrastructure and are repositories for the hacking tools that assailants use. Once the attacks infect the honeypot, network administrators and security teams can analyze the toolkits to develop defenses in line with the toolkit’s attributes.
Honeypots come in different categories ranging from ones that are meant to absorb the attack, and thus serve a defensive measure in and of themselves, and ones capable of conducting comprehensive analysis.
“The financial services company I work for has an extensive minefield of honeypots that catch malicious software that targets the bank. Once these dedicated devices catch the payload, they analyze it so our actual network can better detect them.”