Blog

Security research, threat intelligence insights, and product updates.

February 22, 2026

We Caught a Bot Fingerprinting Open-Source Honeypots — Here's Exactly How It Works

A new bot is actively identifying Cowrie, Kippo, Dionaea, Glastopf, OpenCanary, and Honeytrap installations before deciding whether to attack. We captured the full session. Nobody else is talking about this.

honeypots detection threat intelligence cowrie kippo dionaea opencanary glastopf honeytrap evasion SSH research

February 22, 2026

Threat Catalog Update — Behaviors Now Show Linked Detection Primitives

Attack behaviors in the SikkerAPI detection catalog now display their underlying primitives as clickable tags. Browse the relationship between high-level attack patterns and the low-level detection rules that compose them.

updates catalog behaviors primitives detection threat intelligence