Deceive, Detect, Engage

Azure Storage Account with Honeyfiles

Create a decoy Azure Storage Account containing fabricated files that appear to be valuable or sensitive. Monitor access patterns and download attempts to identify attackers seeking to exfiltrate data or gain unauthorized access.

Engage Goals: EGO0001 Expose

Engage Approach: EAP0002 Detect

Engage Actions: EAC0015 Information Manipulation, EAC0018 Security Controls

Name of Element: Azure Storage Account with Honeyfiles

Description of Element:

Technical Context:

Placement: Within a resource group that stores other sensitive data or backups.

Requires familiarity with Azure Storage Account configuration, access tiers, and security features.

Other:

Att&ck/Engage Mapping: T1083 File and Directory Discovery, E1504 Decoy Content

Azure Storage Account with Honeyfiles

Leave a Reply Cancel reply

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense