Risky Biz Soap Box: Greynoise has built the world's biggest, and smartest, honeypot
Risky Business
English - February 15, 2023 13:00 - 35 minutes - 32.1 MB - ★★★★★ - 339 ratingsTechnology News Tech News Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Risky Business #695 -- North Korea is ransomwaring hospitals, Russia to make "patriotic" hacking legal
Next Episode: Risky Business #696 -- Why Twitter had to kill SMS 2FA
In this interview we’re chatting with the founder of Greynoise Intelligence, Andrew Morris.
Greynoise operates a global network of sensors that collect data on things like mass scanning, exploitation and reconnaissance. The idea is if your SOC gets an alert from a particular IP you can see if it’s associated with mass scanning or exploitation, or if it’s something that’s just targeting you.
And as you’ll hear, there are other use cases also, but we’re talking about a few things with Andrew today. He talks about being able to selectively port forward attacks targeting his sensor network to a data centre running the services being targeted, about the ESXiArgs ransomware attack and more.
Enjoy!