Informant
What is Informant?
Sheriff’s Personal Spy… Guy
Informant is Sheriff’s Honeypot add-on. Its purpose is to function as a decoy of a valuable asset, such as a Windows Installation, with lower defenses than the real asset that exists on the user’s network. If an actor attempts to probe or attack the decoy, it will trigger an alarm on the Sheriff Installation that includes a full profile of the intruder: their contents, methods, intent, and capabilities.
Lure
Informant disguises itself as a valuable asset with weak defenses, leaving itself open to attack from potential intruders.
Trigger
Informant blends in with other network assets to appear as a legitimate weak point. Whenever a potential actor attempts to probe or attack it, Informant sends an alarm to the user’s Sheriff Installation.
Collect
Sheriff then collects a full profile of the attacker: their intent, the method of their attack, and their capabilities. This allows users to better prepare for this particular intruder to their network in the future without taking any real damage in the process.
Ready to give Sheriff and Informant a try? Reach out below!
Give us a holler!
