Azure – D E C E I V E R . I O

Deceive, Detect, Engage

Azure Active Directory (AD) Decoy User Accounts

Create fake user accounts within Azure AD with enticing names or roles (e.g., “admin,” “backup_admin”). Monitor login attempts and activity related to these accounts to identify credential stuffing or brute-force attacks.

Azure Web Application Firewall (WAF) Honeytrap

Configure a decoy Azure WAF with intentionally permissive rules to attract attackers. Monitor traffic hitting this WAF to identify malicious patterns and gather intelligence on attack techniques.

Azure Key Vault Honeytoken

Create a fake Azure Key Vault instance containing decoy secrets and keys. Monitor access to this vault to detect attempts to steal sensitive information.

Tag: Azure

Azure Active Directory (AD) Decoy User Accounts

Azure Web Application Firewall (WAF) Honeytrap

Azure Key Vault Honeytoken

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense