Makoto SUGITA
A former penetration tester turned independent security researcher, I specialize in developing unconventional security tools and offensive/defensive techniques. My work often centers on tactical deception and delay strategies in cyber operations, which I regularly present at cybersecurity conferences across Japan.
Off the clock, I have an incurable vulnerability to good drinks—an "alcohol injection" bug that's still wide open.
Session
Have you heard of the term "Delaying Action"? In military strategy, it refers to a defensive maneuver where forces avoid decisive engagement, instead continuing to fight strategically for as long as possible to slow the enemy's advance. In today’s cyber warfare, where attacks are fast and automated, adversaries can breach assets in seconds. We believe this classical doctrine must be reimagined for modern cybersecurity.
This concept inspired the development of the Azazel System, which implements Cyber Scapegoat technology—a novel deception mechanism that absorbs attacks, misleads adversaries, and strategically delays their progress. Unlike traditional honeypots that simply observe, the Cyber Scapegoat actively engages and binds the attacker, realizing a true delaying action in cyberspace.
Built entirely with open-source software on a Raspberry Pi 5, the Azazel System is lightweight, portable, and easy to deploy in home labs, gateways, VPN endpoints, or CTF environments.
In this talk, we encourage the audience to rethink cyber defense as a means of controlling time. Defense is not just about stopping attacks, but about delaying them tactically. We invite attendees to explore how deception and delay can be adapted to their own environments to build creative and resilient cyber defense strategies.