Starter Edition is Live - Deploy Free Honey Tokens Now!
Filter by Category
All Posts
Threat ResearchIndustry AnalysisProduct InsightsEngineering

Showing Threat Research articles

NEWThreat Research
December 17, 2025 16 min readRad Kawar

The Post-Compromise Gap: Why Mature Adversaries Keep Winning

An insider's perspective on why current security products fail to stop modern red teams and sophisticated attackers, and what security teams need to know.

Read featured article

Threat Research

11 articles
NEW
Threat Research

Deception Taxonomy: A Common Language

A common language for deception operations. The vocabulary needed to discuss honey tokens, tripwires, and alert lifecycles with precision.

Dec 167 min readRad Kawar
Read article
Threat Research

Windows Stealers: How Modern Infostealers Harvest Credentials

Technical analysis of Windows information stealers using Sryxen as a case study. How they decrypt browser data via DPAPI, evade analysis, and exfiltrate credentials.

Dec 27 min readRad Kawar
Read article
Threat Research

macOS Stealers: How Modern Infostealers Harvest Credentials

Technical analysis of macOS information stealers using Banshee as a case study. How they phish passwords, decrypt Keychains, and exfiltrate browser data.

Dec 29 min readRad Kawar
Read article
Threat Research

Field Notes on Malware: The Evolution of C2 Evasion and What It Means for Detection

While malware developers continue using BOFs, shellcode, and sleep obfuscation, a capability researched and published almost 2 years ago has surprisingly not gained traction. Understanding these techniques is critical for defenders.

Nov 267 min readRad Kawar
Read article
Threat Research

The Psychology Behind Effective Honey Tokens

Attackers validate credentials when type and context match their targeting. Understanding cognitive shortcuts and cost-imposing sludge determines detection success.

Nov 197 min readRad Kawar
Read article
Threat Research

Early Warning Detection for Credential Theft: Why Behavioral Analysis Fails

57% of breaches discovered externally. Infostealer credentials evade EDR for years. Early warning honey tokens detect validation before lateral movement.

Nov 1810 min readRad Kawar
Read article
Threat Research

AI-Orchestrated Attacks: Why Detection Speed Matters More Than Ever

Chinese state-sponsored campaign used AI to automate 80-90% of tactical operations at machine speed. Early warning detection becomes critical when attacks move in milliseconds.

Nov 1616 min readRad Kawar
Read article
Threat Research

From Phish to Package: NPM Supply Chain Attacks

Analysis of a recent NPM supply chain attack that deployed Scavenger malware through compromised packages, including a new overlooked phishing technique.

Jul 207 min readRad Kawar
Read article
Threat Research

Understanding Your Adversary: The Human Side of Threat Intelligence

How recognizing attackers as goal-driven individuals transforms defensive philosophy. Learn why simple, psychologically-grounded deceptions outperform technical complexity.

Jul 510 min readRad Kawar
Read article
Threat Research

Threat Intelligence in Cyber Deception: A Planning Guide

How threat intelligence transforms cyber deception from guesswork into strategic planning - understanding what attackers actually do and why it matters.

Jul 46 min readRad Kawar
Read article
Threat Research

Modern Adversary TTPs: The Rise of 'Read Teaming'

An insider's perspective on why current security products fail to stop modern red teams and sophisticated attackers, and what security teams need to know.

Jun 76 min readRad Kawar
Read article
DeceptIQ | Early Warning Detection Research