Detecting when a Honypot is accessed is important to detect lateral movement across your environment. We recommend that SIEMs should be tested for honeypot detection to ensure the detection of lateral movement which could originate from both employees and external bad actors
Step 1: Access the IP address of the honeypot through a web browser in the format of http://x.x.x.x/8080
Step 2: Enter invalid credentials and press submit.
Step 3: You should receive a notification indicating the honeypot detection