Getting started
#
Subscribe to GitGuardian HoneytokenHoneytoken is a new module in the GitGuardian platform. You can request a live demo!
tip
For now, Honeytoken is only available on early access.
Reach out to your GitGuardian contact if you would like to enable the beta version on your workspace (Business - SaaS only).
The module is restricted to Manager roles
In the first early access release, the Honeytoken module is reserved for users with a "Manager" role on the GitGuardian workspace. This will evolve in the future to allow more roles to create and manage honeytokens.
#
Create and deploy your first honeytokenIn the Honeytoken module, click “Create honeytoken”. Enter a name for the honeytoken, and optionally a description. The description may contain more detail about where and how exactly you will place this honeytoken. You can also select or create some labels to define your honeytoken in a more structured way.
Note: For now, we are only proposing AWS keys, but we are exploring other types of honeytokens.
Congratulations! Your honeytoken creation is confirmed, and you get your honeytoken key.
Insert this key in the asset you want to protect! If an attacker ever trips on the honeytoken, you'll get an instant alert letting you know that it has happened.
#
Test your honeytokenIf you want to test the triggering and alerting mechanism, you can trigger your own honeytoken.
To do so, run the following AWS CLI command:
$ AWS_ACCESS_KEY_ID=<AWS_ACCESS_KEY_ID> AWS_SECRET_ACCESS_KEY=<AWS_SECRET_ACCESS_KEY> AWS_DEFAULT_REGION=us-west-2 aws sts get-caller-identity
where <AWS_ACCESS_KEY_ID>
and <AWS_SECRET_ACCESS_KEY>
are replaced with the values of your honeytoken.
This will generate an event and thus trigger the honeytoken.
Don’t forget to reset your honeytoken afterward to be alerted of any “real” trigger on it.