The concept of deception security has been around since early 1990. However, its rate of adaption has been very slow. Deception security has been primarily used for research (ad-hoc hobbyist using honeypot systems or commercial rebranding of the same systems) and rarely as a protection mechanism. The security industry has a very limited understanding of Deception security and is not using it at its full capacity.

This is presentation is based on my research into Deception security. I will take you through a journey starting from deception fundamentals in real-world to Deception Defence. I will describe a hand-picked selection of principles in Deception Defence and explain how deception tactics can be used by an adversary, i.e. Deception Offence.

Lastly, depending on the time available, I will demo a setup of a Deceptive Defence platform on Azure and Office 365. I will show by applying some smart configurations and with no additional tool, you can significantly increase the cost of an attack. In one example, by applying a simple change to a host, I have 30 times increased the time to a successful reconnaissance.

A random guy from down-under that had got everyone to eat Kremsnita for the first BsidesLjubljana



[Slides (PDF)]

Comments are closed.