|
Quarterly Newsletter
Hello HoneyDB community! Welcome to the last newsletter of 2020. I hope everyone is safe and well. This year has been a challenge for many. HoneyDB also had its share of challenges with a few server outages to recover from. However, there were several positive achievements as HoneyDB continues to grow. This edition of the newsletter highlights several advancements from our last update. Enjoy!
|
|
HoneyDB Splunk App!
This quarter saw the release of the HoneyDB Splunk App. Now Splunk users can easily pull HoneyDB data to enrich threat monitoring. The app pulls data from both the "Bad Hosts" and "Sensor Data" API endpoints. You can find the app listed in Splunkbase here. The app is also open sourced and available on Github here. If you have questions or feedback, please feel free to reach out in the HoneyDB Slack workspace.
|
|
Sign in With Google
Users can now sign in to HoneyDB with their Google accounts. If you are already a HoneyDB user there is no need to switch, unless you prefer to use your Google account to sign in. Note, if you do switch to using your Google account, this will be a "new" account within HoneyDB, so you will need to generate new API keys.
 |
|
Internet Scanners
A new helper API endpoint was added to determine if an IP address is associated with a known Internet scanner service. These services are typically conducting Internet research and can be considered harmless. If your are investigating an IP, a quick look up against this endpoint will return true or false to let you know if it is a known research scanner. See API documentation for more details. |
|
Agent Updates / 64-bit ARM Support
The latest release of the agent is v1.17.0. The latest updates are mostly related to improved logging options, which include logging to standard out and hpfeeds. A more significant update is the release for 64-bit ARM support. Debian packages are available for Ubuntu 18 (Bionic) and Ubuntu 20 (Groovy) on the ARM64 platform. See all release notes detail here. |
HoneyDB User Growth
Since the last newsletter, HoneyDB has seen a 25% growth in users. This has been a fantastic trend, and we hope it continues. If you've benefited from HoneyDB please tell your friends and colleauges to give it a try!
|
|
STINGAR Includes HoneyDB
At Duke University, the STINGAR initiative is a project that enables low friction generation of threat intelligence, data sharing, and action on threat intelligence for the higher education community. In addition, STINGAR maintains the open-source project CommunityHoneypotNetwork (CHN), a honeypot deployment and management automation platform. HoneyDB is thrilled to share that STINGAR has added the HoneyDB Agent to the CHN platform, and it will be available in the upcoming 1.9.2 release! This exciting integration will provide additional honeypot capability to CHN as well as increase the contribution of honeypot data to HoneyDB.io.
To learn more about STINGAR, visit https://stingar.security.duke.edu. To check out the CHN project visit the documentation site here. Finally, a special thanks to Jesse Bowling for collaborating with HoneyDB to make this happen!
|
|
|
|
|
At this time no new workshops have been scheduled. However, keep an eye out for announcements early 2021.
If you'd like to request or suggest an event for an in-person HoneyDB workshop use this form.
|
|
HoneyDB Project Support
HoneyDB is extremely grateful to these sponsors that enable the project to grow and produce valuable threat information for defending your network and applications. You can support the HoneyDB project by running your own HoneyDB Agents, learn more here.
|
|
|
HoneyDB Slack Workspace
HoneyDB community on Slack is growing! Access to the Slack workspace is invite only for active users of the HoneyDB API and agent. The goal is to connect project users, share ideas, and provide support. If you are an active API or agent user, and would like to join the Slack workspace, submit your request to join here.
|
|
|
|
The goal of this newsletter is to keep you informed with updates and announcements related to the HoneyDB project. This newsletter will be issued quarterly. However, if you'd like to unsubscribe use the link at the bottom of this email. You can also follow HoneyDB on Twitter (@honeydbio) to catch updates and announcements as they occur.
|
|
|
Follow HoneyDB on Twitter to catch the latest updates and announcements.
|
|
|
|
|
