Cyberattacks on the software supply chain are on the rise. Increasingly, cybercriminals target organizations by entering their networks through the back door via a third-party system. A recent report by the software supply chain management organization Sonatype revealed that over the past three years, software supply chain attacks have increased by 742% annually.
In light of this monumental rise, GitGuardian, one of our Top 10 Shortlist Companies that represent Cybersecurity as a Business Enabler, has released Honeytoken, a software that’s built to detect supply chain breaches.
What Is Honeytoken?
Honeytoken is a new module that users can utilize on the existing GitGuardian platform to protect the software supply chain from attacks targeting various entry points, including Source Control Management (SCM) systems, Continuous Integration/Continuous Deployment (CI/CD) pipelines, and software artifact registries.
As the name suggests, Honeytokens are honey traps designed to lure in attackers by posing as real credentials, API keys, or other secrets. When an attacker attempts to infiltrate an organization’s core system using the fake credential discovered in an external source, the attempt is blocked, an alert is triggered, and information on the user’s IP address, source, the action performed, and more is sent immediately to a member of the company’s cybersecurity team.
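As an added illustration (not GitGuardian’s code), a minimal server-side gate that rejects a planted decoy credential and records the alert fields described above; the token strings, plant locations and addresses are constructed placeholders.

```python
"""Constructed honeytoken gate: deny decoy credentials and record who used them."""
import hashlib
from datetime import datetime, timezone

# Planted decoys, keyed by SHA-256 of the token so the plaintext is never
# stored where the check runs. Values say where each decoy was planted.
# Both tokens are constructed placeholders, not real credentials.
HONEYTOKENS = {
    hashlib.sha256(b"AKIAHONEYTOKENEXAMPLE01").hexdigest(): "vendor-ci-pipeline",
    hashlib.sha256(b"ghp_honeytoken_example_000000").hexdigest(): "artifact-registry-config",
}

ALERTS: list = []  # stand-in for a SIEM or on-call channel


def _fingerprint(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


def check_credential(token: str, source_ip: str, action: str,
                     user_agent: str = "") -> dict:
    """Allow a normal credential; block a decoy and emit an alert record.

    A legitimate user never holds a decoy, so any hit is a confirmed signal
    that the place it was planted in has been read by someone else.
    """
    planted_in = HONEYTOKENS.get(_fingerprint(token))
    if planted_in is None:
        return {"allowed": True, "alert": None}
    alert = {
        "time": datetime.now(timezone.utc).isoformat(),
        "planted_in": planted_in,   # which third-party system leaked
        "source_ip": source_ip,     # where the attempt came from
        "action": action,           # what the caller tried to do
        "user_agent": user_agent,
    }
    ALERTS.append(alert)
    return {"allowed": False, "alert": alert}


def triage(events: list) -> list:
    """Run a batch of constructed access events through the gate; return alerts."""
    return [r["alert"] for r in (check_credential(**e) for e in events) if r["alert"]]


if __name__ == "__main__":
    sample = [  # constructed events
        {"token": "AKIAHONEYTOKENEXAMPLE01", "source_ip": "203.0.113.7",
         "action": "s3:ListBuckets", "user_agent": "aws-cli/2.0"},
        {"token": "AKIAREALLOOKINGKEY0000", "source_ip": "10.0.0.4",
         "action": "s3:GetObject"},
    ]
    for a in triage(sample):
        print("HONEYTOKEN HIT:", a)
```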
What Are the Benefits?
GitGuardian cites three core use cases for the new technology in securing the supply chain: to reduce the time it takes to detect a breach, to strengthen supply chain security, and to identify public exposure of code.
Breach detection time is reduced because security teams are sent immediate alerts when the false code is used. Because authorized members of an organization would never use the honeytoken, security pros can proceed with confidence that a malicious party attempted to access the network.
Because honeytokens can be placed in internal and external tools — such as systems belonging to third-party vendors — organizations can strengthen security across the supply chain. And, as GitGuardian actively monitors public GitHub repositories, the owner is immediately notified when a honeytoken is operationalized.
Organizations can create as many honeytokens as required for the various assets they wish to protect. These honeytokens can be monitored via the GitGuardian dashboard.
Honeytokens are a strong addition to GitGuardian’s existing secrets protection platform. Moving forward, GitGuardian plans to deploy honeytokens as an automated feature in the software development lifecycle, so this innovative threat detection and remediation technique can be rolled out at scale.
As threats to the software supply chain increase, there is a real need to outwit attackers. In many ways, GitGuardian has turned the popularity of third-party attack vectors to its advantage: because attackers are actively searching for exposed secrets, it presents them with decoy information that deceives them, draws them in, and captures information about them.