A honeypot (also known as a 'honeytoken') is a cybersecurity mechanism designed to lure cyber criminals away from legitimate targets. Honeypots are also used to gather intelligence about the identity, methods and motivations of adversaries, in order for security response teams to observe and learn from the attacker's techniques.
Honeypotting is different from other types of security measures in that it is not designed to directly prevent attacks. A honeypot's job is to refine an organization’s intrusion detection system (IDS) and threat response, so it can better manage and prevent attacks, by acting as a decoy and misdirecting any threats.
A honeypot can also pretend to be a system that contains sensitive consumer data, such as credit card or personal identification information. A security team will populate the decoy honeypot with fake data that may draw in an attacker looking to steal, use or sell it. This makes honeypots significant in the line of cybersecurity defense, as they help to flag threats early on.