MCP Deception Incubator — Honeytraps as a Framework for Zero Trust AI Environments

By Harshad Sadashiv Kadam

You must be logged in to access this page

Elevator Pitch

As AI agents gain autonomy through the Model Context Protocol (MCP), they create unseen reconnaissance pathways. This talk unveils a deception-as-a-framework model using edge-based MCP honeypots to expose rogue AI behavior inside Zero Trust environments.

Description

As AI agents begin interacting with corporate APIs, secrets, and internal systems via the Model Context Protocol (MCP), they expose new blind spots in Zero Trust architectures. This session introduces the MCP Deception Incubator — a practical deception-as-a-framework approach built on Cloudflare Workers and open deception primitives such as Canarytokens.

We’ll explore how the framework enables defenders to deploy high-fidelity MCP honeypots across multiple surfaces — API endpoints, DNS, kubeconfigs, and credentials — with zero operational overhead. Each interaction by a rogue AI agent produces metadata-rich telemetry that reveals its reasoning, tool-chain, and access path, turning passive reconnaissance into actionable intelligence.

Through a live demo, attendees will see how edge-based traps trigger in real time and integrate into SOC pipelines for correlation and alerting. We’ll then break down the architecture that turns isolated decoys into an orchestrated Zero Trust signal layer — transforming AI curiosity into proactive defense.

Takeaways • How to design deception workflows for AI agents using MCP Gateways • Practical templates & architectural patterns for threat intel teams • Steps to embed deception into your existing AI-security toolchain

Notes

This talk builds on research presented at BSides Orlando, BSides Chicago, DevSecCon 2025, and Cloudflare Connect 2025. The demo uses Cloudflare Workers, MCP Gateways, and Canarytokens — no special A/V requirements beyond a browser.

I lead Zero Trust & AI security initiatives at Indeed Inc., focusing on deception engineering, threat intel, and edge security. I’ve built and open-sourced deception frameworks (MCP Threat Trap, FlareGuard) and am actively collaborating with Cloudflare and Thinkst on AI-driven defense research.