2025-12-06 –, Track 3
Deception allows defenders to easily impose cost on an attacker in your environment. With cloud usage being commonplace in modern organisations, we will talk about deploying deception in your cloud environment - making it a hostile place for any unwanted visitors. From deploying fake credentials, to fake IdPs and entire fake infrastructures, we have you covered! Join us to learn more about equipping your cloud environment with breach detection that works.
In this talk, we will take the audience from learning and understanding deception technologies to how to deploy them throughout their cloud environments (with a focus on AWS and Azure).
These deception technologies are low-cost and easy to deploy for defenders, yet deliver high fidelity alerts. No more sifting through streams of events — each alert matters.
By introducing cloud specific fake assets that can be deployed in places that attackers are likely to look, we will show tat deception can be used to impose cost on attackers. More specifically, we'll cover deception in the forms of fake credentials, fake IdPs and fake cloud resources.
Key Takeaways:
- Deception is effective because it allows early detection for a breach
- Deception can be simple an low-cost to deploy
- Deception imposes a cost on an attacker by making every path taken a risk for detection
- There are soooo many more places we should be doing deception
Engineering Team Lead at Thinkst Applied Research (the folks behind Canary). I enjoy anything to do with sport, security, computer games or the lighter side of life.
A software engineer who has spent the last two and a half years dabbling in deception technologies at Thinkst.