Events Processed
Edge Defense
Honeypot & Pre-Attack Detection
Detect scan/enumeration behavior and route detections into recent alerts.
Login
Edge Defense Monitor
Sensor Metrics
PendingWaiting for internal edge telemetry. Status updates after each edge heartbeat.
Processing Errors
0
Packet Errors
0
Latency
-
Packet Loss
0%
Sensor Configuration
Enable on-edge honeypot telemetry and pre-attack behavior reporting for Internal Scan environments.
Lower values prioritize broad capture. Higher values prioritize confidence and suppression of noisy events.
Detection Coverage
Recommended event classes for robust adversary behavior visibility:
- Ping sweep / host discoveryICMP + ARP probing burst detection Idle
- Port scan / service enumerationSYN/UDP fan-out and rate anomaly heuristics Idle
- IPv6 poison & responder-like trafficLLMNR/NBNS/mDNS spoof signal and rogue responder patterns Idle
- MITRE pre-attack behaviorDiscovery/Reconnaissance tactics with tactic-technique tagging Idle
High-confidence detections generate Honeypot hit detected alerts in Recent Alerts.
Events Processed (24h)
Hourly histogram of on-edge sensor processing. Red markers indicate detection activity during that hour.
Bars
Recent Detections
0
Most recent telemetry events reported by internal edges.
| Observed | Edge | Event Type | Severity | Source | Destination | MITRE |
|---|