SAML – D E C E I V E R . I O

Deceive, Detect, Engage

Deceptive SAML IdP

Goal: To gather information about attackers attempting to exploit SAML vulnerabilities and detect their presence.

Approach: Monitoring access to the deceptive SAML IdP and analyzing attacker behavior.

Attackers who attempt to use the fake SAML IdP for authentication or authorization will be misled, and their actions will be logged.

Deceptive Identity Provider (IdP) Responses

Goal: Redirect attackers attempting to authenticate to a deceptive environment.

Approach: Manipulating IdP responses to redirect authentication flows.

When an attacker attempts to authenticate through an IdP (e.g., OAuth, SAML), manipulate the response to redirect them to a fake login portal or a controlled environment.

Tag: SAML

Deceptive SAML IdP

Deceptive Identity Provider (IdP) Responses

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense