 |
The Backup Wrap-UpTurning unappreciated backup admins into cyber recovery heroes Author: W. Curtis Preston (Mr. Backup) Language: en Genres: Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
How Honeypots and Canary Files Catch Attackers Before They Strike
Monday, 11 May, 2026
Honeypots and canary files are two of the most underused tools in cybersecurity — and in this episode, Dr. Mike Saylor and I break down exactly how they work and why you should be using them. The short version: they're tripwires. They tell you a bad guy is poking around your network before anything gets encrypted.Mike walks through his layered security analogy, explains the three different ways organizations use honeypots — learning attacker tactics, distraction, and testing — and then we get into canary files: what makes them different from a honeypot, how they beacon home when stolen, and why clock synchronization matters more than most people think if you ever want that evidence to hold up.We also cover how to stand one up without a big budget, what tools are available, and why something is absolutely better than nothing. Plus, Mike and I have news about our new O'Reilly book, Learning Ransomware Response and Recovery.0:00 - Intro and book news1:09 - Meet the crew3:45 - Security is all about layers9:22 - What are honeypots and canary files?11:00 - Three ways honeypots work for you13:17 - Real-world examples: bait cars and glitter bombs15:20 - Making your honeypot convincing19:11 - Honeypot tools and options21:13 - Something is better than nothing24:10 - Monitoring and notifications25:05 - Canary files explained27:03 - How canary files beacon and track attackers28:03 - Don't forget to sync your clocks29:05 - Final thoughts
