EAC0010 – D E C E I V E R . I O

Deceptive Biometric Authentication

Goal: Detect attackers attempting to bypass or spoof biometric authentication mechanisms.

Approach: Creating deceptive biometric authentication prompts that capture attacker attempts or redirect them to decoy systems.

Deploy fake biometric authentication prompts that appear to process biometric data but instead capture attacker attempts, log their activities, or redirect them to controlled environments.

Honeytokened Administrative Tools

Goal: Detect and track the usage of administrative tools by unauthorized users.

Approach: Monitoring access to and usage of honeytokened tools.

Deploy decoy versions of administrative tools (e.g., PowerShell, PsExec) that mimic their legitimate counterparts but log usage, trigger alerts, or provide misleading information.

Deception for Insider Threat Detection

Goal: To detect and mitigate insider threats using deceptive techniques.

Approach: Detecting malicious activities by insiders using deception.

This element involves deploying deception assets and techniques to detect and deter malicious insiders. It may include creating fake files, documents, or credentials that are designed to attract insider attention.

Tag: EAC0010

Deceptive Biometric Authentication

Honeytokened Administrative Tools

Deception for Insider Threat Detection

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense