Field notes from an active deception platform — fresh attacker TTPs, campaign correlations, and tooling drops. No fluff, no spam, just signal from the honeypots.
No spam. Unsubscribe anytime. We never share your address.
Weekly breakdowns of real intrusion attempts captured by our honeypots and Cowrie sensors — commands, payloads, and infrastructure.
How loosely-related events cluster into coordinated campaigns, with the ASN and BGP context that ties them together.
Early access to new platform tools — link detonation, canary tokens, and deception markup — plus the thinking behind them.