Canary Honeypot – What is it?

When attackers have breached your network, one of the first actions they will take is to passively fingerprint the network to see what might be good to exfiltrate or encrypt.  When we detect any activity with the Canary or it’s associated files, we will be alerted therefore enabling further investigation by our analysts and, if we find it to be a true positive, we will let you know.