Using honeypots with OSS tools can provide excellent real-time threat intel, both externally and internally. This is not just about how to use honeypots, but how to leverage the data in meaningful ways. Everyone has "played" with honeypots, now let's put them to real use without spending a fortune. In 2015 alone, over $60B was spent on commercial security tools, and yet breaches are on the rise. There must be a better way?