Defenders have deployed honeypots and honeytokens to detect threats targeting GCP workloads. The dynamic and ephemeral nature of cloud workloads with the resource-based policy model in GCP introduces unique characteristics that influence the design of deception. Defenders need to determine answers to questions such as: how many deceptions to deploy, what should they represent, how many of each type, how should these be named, where should the deceptions be placed? This session provides real-world insights from a security practitioner on the design of a deception strategy for cloud workloads that spans honeytokens (GCP IAM service accounts, GKE service accounts) and honeypots (compute instances, storage, pods).
Suril is VP Engineering and Security SME at Acalvio. Suril has deep domain expertise in cybersecurity and has a strong academic and industry background in Computer Science. Suril holds several patents.
Saturday September 12, 2026 10:30am - 11:30am CDT Swissôtel Chicago323 E Wacker Dr, Chicago, IL 60601, USA
