Soya Aoyama
Soya Aoyama is a cybersecurity researcher and Global Fujitsu Distinguished Engineer. Soya worked as a Windows software developer at Fujitsu for over 20 years, developing NDIS drivers, Bluetooth profiles, WinSock applications, and more.
Soya started working in security research in 2015, mainly researching attacks using Windows DLLs, and has spoken at a number of international hacker conferences, including Black Hat, BSidesLV, GrrCON, DerbyCon and LeHack, and was also a mentor at BSidesLV 2023, 2024 and BSides London 2024.
Soya is one of the founders of BSides Tokyo, and has been involved with the organization since its first edition in 2018.
Session
Have you heard of the term "Delaying Action"? In military strategy, it refers to a defensive maneuver where forces avoid decisive engagement, instead continuing to fight strategically for as long as possible to slow the enemy's advance. In today’s cyber warfare, where attacks are fast and automated, adversaries can breach assets in seconds. We believe this classical doctrine must be reimagined for modern cybersecurity.
This concept inspired the development of the Azazel System, which implements Cyber Scapegoat technology—a novel deception mechanism that absorbs attacks, misleads adversaries, and strategically delays their progress. Unlike traditional honeypots that simply observe, the Cyber Scapegoat actively engages and binds the attacker, realizing a true delaying action in cyberspace.
Built entirely with open-source software on a Raspberry Pi 5, the Azazel System is lightweight, portable, and easy to deploy in home labs, gateways, VPN endpoints, or CTF environments.
In this talk, we encourage the audience to rethink cyber defense as a means of controlling time. Defense is not just about stopping attacks, but about delaying them tactically. We invite attendees to explore how deception and delay can be adapted to their own environments to build creative and resilient cyber defense strategies.