Kubernetes – D E C E I V E R . I O

Azure Kubernetes Service (AKS) Honeypod

Deploy a decoy pod within an AKS cluster that mimics a legitimate application but contains fake data or triggers alerts upon access. Monitor network traffic and logs associated with this pod to identify attackers attempting to exploit vulnerabilities or gain access to sensitive information.

Mimicked Kubernetes Pods

This element involves deploying deceptive Kubernetes pods that mimic legitimate pods but perform deceptive actions or contain deceptive information.

Fake Kubernetes Secrets

Goal: To identify attackers attempting to steal sensitive information stored as Kubernetes secrets.

Approach: Monitoring access to the fake secrets and analyzing attacker behavior. This element involves creating fake Kubernetes secrets that mimic legitimate secrets but contain misleading or deceptive information.

Attackers who attempt to access or exfiltrate the fake secrets will be identified and their actions will be logged.

Tag: Kubernetes

Azure Kubernetes Service (AKS) Honeypod

Mimicked Kubernetes Pods

Fake Kubernetes Secrets

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense