Microsoft Honeytokens β
Microsoft Honeytokens are decoy files designed to detect unauthorized access or suspicious activity. These files look and behave like legitimate Microsoft documents, but they are monitored by Trapster.
When someone opens or interacts with a honeytoken, Trapster immediately sends an alert to your Trapster Dashboard, providing real-time visibility into potential insider threats or malicious activity.
How It Works β
- Honeytokens appear as normal Microsoft files, such as Word, Excel, or PowerPoint documents.
- When the file is opened, edited, or otherwise accessed, Trapster logs the event.
- Alerts include detailed information, such as the user or device that triggered the file and the timestamp of access, giving you actionable insights for investigation.
Note: Microsoft Honeytokens are safe to deployβthey contain no real sensitive data, making them ideal for detecting unauthorized activity without risk.
Available File Types β
Trapster supports honeytokens for the most commonly used Microsoft file formats:
- Microsoft Word β
.docx - Microsoft Excel β
.xlsx - Microsoft PowerPoint β
.pptx
Related Honeytoken Options β
Microsoft Honeytokens can be combined with other types of honeytokens for broader coverage:
- What is a Honeytoken? β Overview of honeytokens and their purpose
- URLs β Honeytokens embedded in links for detection
- JavaScript Cloning β Detect cloned web pages
- QR Code β Track QR code scans or distribution