I’m not endorsing this product, though I think they’ve got an innovative concept. Someone let me know how the product actually works.
From the perspective of the Orlando Doctrine, however, the description of the application fits neatly into the Deceive spectrum on the Network Use of Force Continuum. It helps from a detection perspective to establish immediacy, as well
From the website:
So just what is Nova again?
Nova is a software application for preventing and detecting hostile network reconnaissance
How does it do that?
Two primary ways. The first is by creating a large array of thin virtual machines on the target network. These VMs are created using an updated Honeyd to be extremely lightweight. They are not your typical VMs that you might see from VirtualBox or VMWare. They just appear to be real from the perspective of the network, and run network “services” which are just shell scripts.
Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance. So there’s no need to go searching manually through your honeypot’s log files.