Logo of Acalvio, a leading company in cyber deception technology

Honey Account

What is a Honey Account?

A “honey account” is a type of cybersecurity strategy or technique used to detect and track unauthorized access attempts or malicious activities on a network or system. It involves creating a fake or decoy account that appears to be legitimate to potential attackers but is designed to capture information about their actions.

Honey accounts are not used for actual business operations or legitimate user activities but are intentionally designed to attract and monitor malicious actors. By analyzing the activities of attackers on these honey accounts, organizations can gain insights into emerging threats, vulnerabilities, and attack patterns, which can then be used to better secure their real systems and networks.

Honey Token

Difference Between Honey Account and Honey Pot

The term “honey account” is derived from the concept of a “honey pot,” which is a similar cybersecurity technique where a vulnerable system or network is intentionally left exposed to attract hackers. The goal of both honey pots and honey accounts is to gather information about attackers’ methods, motives, and techniques, helping security professionals understand their tactics and enhance their overall cybersecurity defenses.

How does Acalvio use Honey Accounts for identity security?

Acalvio provides an enterprise-scale implementation of Honey Accounts and HoneyTokens with automated life cycle management.

Acalvio Honey Accounts are deceptive accounts (representing human and service accounts) created in the Active Directory (AD) that are specifically designed to lure attackers and deflect them away from real identities.

HoneyTokens are deceptive credentials and data that are embedded in legitimate assets such as endpoints and cloud workloads. Any usage or manipulation of these deception artifacts is a very reliable indicator of an identity threat.

Acalvio recommends the count and types of Honey Accounts that can be registered on CrowdStrike. Acalvio also deploys HoneyTokens on endpoints. CrowdStrike monitors the activity on Honey Accounts and effectively blocks the identity threat based on that information.

Available on the CrowdStrike Store, the solution empowers customers to use Acalvio’s HoneyTokens and Honey Accounts seamlessly to detect identity threats.