Google Cloud – D E C E I V E R . I O

Deceive, Detect, Engage

Google Cloud Functions Honeypot

Deploy a decoy Google Cloud Function that appears to perform a sensitive operation (e.g., accessing a database, processing payment information) but, in reality, only logs invocation attempts and attacker-supplied data.

Fake Google Cloud Service Accounts with High Permissions

Create decoy service accounts with names suggesting elevated privileges (e.g., “deployment-admin,” “database-owner”) but with restricted access. Monitor any attempts to utilize these accounts, which could indicate an attacker attempting privilege escalation or lateral movement.

Tag: Google Cloud

Google Cloud Functions Honeypot

Fake Google Cloud Service Accounts with High Permissions

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense