Using Honeyfiles to detect adversaries and infostealers with Zane Gittins
Defender Fridays - Using Honeyfiles to Detect Adversaries with Zane Gittins
Join us for this week's Defender Fridays as we explore using honeyfiles to detect adversaries and infostealers with Zane Gittins, IT Security Manager at Meissner Filtration Products.
At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.
What We'll Discuss
In this episode, Zane demonstrates how to deploy honeyfiles via Velociraptor and discusses deception techniques that give defenders a home-turf advantage. Learn how these decoy files serve as tripwires for early detection of compromise.
Key Topics:
- Deploying honeyfiles at scale using Velociraptor and ETW
- Detecting infostealers with decoy credentials and sensitive files
- Using thread analysis to filter legitimate file access from injected beacons
- Combining honeyfiles with canary tokens for layered detection
- Tuning deception techniques for enterprise environments
Zane's LinkedIn: https://www.linkedin.com/in/zane-g-40291a152/
Register for Live Sessions
Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.
Register here: https://limacharlie.io/defender-fridays
Subscribe to our YouTube channel and hit the notification bell so you never miss a live session, or catch up on past episodes on our website!
Sponsored by LimaCharlie
This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.
Why LimaCharlie?
- Eliminate vendor sprawl and tool complexity
- Deploy and scale effortlessly on native multi-tenant architecture
- Reduce costs with intelligent data routing and free 1-year retention
- Build custom solutions with 100+ security capabilities on-demand
- Improve response times with automation and real-time capabilities
Try the SecOps Cloud Platform free: https://limacharlie.io
Learn more: https://docs.limacharlie.io
Follow LimaCharlie
Sign up for free: https://limacharlie.io
LinkedIn: https://www.linkedin.com/company/limacharlieio/
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/
Host: Maxime Lamothe-Brassard - Founder at LimaCharlie
LinkedIn: https://www.linkedin.com/in/maximelb/