Skip to content

HoneypotDB Documentation

Home
Guides and Tutorials
Guides and Tutorials
Core Capabilities
Core Capabilities
- Signals
  Signals
  - Overview
- Search
  Search
  - Overview
  - Query Langauge

Signals Capability

Every action taken by an attacker on one of our Honeypots is mapped to a unique entry called a signal.

These signals are then parsed and indexed into our data set for querying and analysis.

Our signal capability forms the foundation of all our other capabilities and intelligence, including:

Queried using our Search API
Correlated into full events (On the roadmap )
Weighed via our MITRE ATT&CK driven Scoring System (On the roadmap )
Mapped into attack kill chains (On the roadmap )