HOW IT WORKS · THE PLATFORM

Find the breach signal before it becomes a breach.

Vantuz uses honeytokens, AI investigation and controlled response workflows to turn suspicious access into a clear incident your team can act on.

FILE № 01 · PRIMITIVES

Nine traps for the places attackers check first.

Each primitive looks useful to an attacker and useless to your team. If someone touches it, you have a confirmed signal instead of another maybe-alert.

[01] aws.cred · PRIMITIVE
AWS Credential
Where to plant
CI/CD env files · ~/.aws/credentials · S3 buckets · K8s secrets
What it detects
Credential theft via supply-chain compromise or insider access.
Example trigger
AKIA-prefixed key is exercised against sts:GetCallerIdentity from a new ASN.

[02] url.beacon · PRIMITIVE
URL Beacon
Where to plant
Internal wikis · Notion pages · pinned Slack messages · admin docs
What it detects
Lateral movement, exfiltration via collaboration tools, phishing landing.
Example trigger
A wiki link disguised as a runbook is fetched from a residential IP.

[03] dns.hook · PRIMITIVE
DNS Hook
Where to plant
Hosts files · staging configs · DNS zone files · ENV.STAGING_HOST
What it detects
Recon, config dumps, leaked .env files reaching attacker infra.
Example trigger
A fake staging hostname is resolved from a country you do not operate in.

[04] doc.tracker · PRIMITIVE
Document Tracker
Where to plant
Shared drives · M&A folders · board decks · HR PDFs
What it detects
Document exfiltration and unauthorized review by external parties.
Example trigger
A canary PDF named "Q4-board.pdf" opens from a new device fingerprint.

[05] db.cred · PRIMITIVE
Database Credential
Where to plant
Backup scripts · ORM configs · Terraform state · legacy services
What it detects
Database access via leaked DSNs or compromised backup archives.
Example trigger
A Postgres DSN authenticates from outside your VPC peering range.

[06] ai.key · PRIMITIVE
AI API Key
Where to plant
LLM gateway configs · agent prompts · CI secrets · prototype repos
What it detects
AI agents and operators harvesting model credits or routing chains.
Example trigger
An OpenAI-prefixed token is used to enumerate /v1/models from a new origin.

[07] rag.canary · PRIMITIVE
RAG Canary Document
Where to plant
Vector databases · LLM knowledge bases · internal AI assistants · Notion/Confluence pages indexed by AI
What it detects
AI agents and LLMs exfiltrating internal documents via RAG pipelines.
Example trigger
A canary document chunk is retrieved from the vector store by an unauthorized agent query.

[08] cicd.canary · PRIMITIVE
CI/CD Pipeline Canary
Where to plant
GitHub Actions workflow files · .env.example · CI/CD secrets · runner environments
What it detects
Supply chain compromise, cache poisoning attacks, compromised CI/CD runners harvesting credentials.
Example trigger
A fake AWS key planted in a workflow env var is exercised from a GitHub Actions runner IP.

[09] npm.canary · PRIMITIVE
npm Package Canary
Where to plant
Published as a decoy package under your org namespace or a plausible typosquat name
What it detects
Dependency confusion attacks, typosquatting, malicious package installation attempts.
Example trigger
A postinstall webhook fires from an IP that has never touched your legitimate packages.
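The [01] trigger above (a planted AKIA key exercised from a new ASN) as defender-side detection logic, written as an added example that is not Vantuz code: it scans constructed CloudTrail-style records for any use of a registered canary key and keeps a per-key ASN baseline. The registry, the sample records and the ASN lookup are constructed stand-ins for real enrichment.

```python
import json
from dataclasses import dataclass
from typing import Callable, Optional

def new_registry() -> dict:
    """Constructed canary registry: planted access key IDs that have no legitimate use.
    seen_asns is the per-key ASN baseline (empty when the key is first planted)."""
    return {"AKIAEXAMPLECANARY001": {"planted_in": "~/.aws/credentials on build host",
                                     "seen_asns": set()}}

@dataclass
class Trip:
    access_key_id: str
    event_name: str
    source_ip: str
    asn: int
    new_asn: bool
    planted_in: str

def check_record(rec: dict, asn_of: Callable[[str], int], registry: dict) -> Optional[Trip]:
    """Return a Trip if the record exercises a planted key, else None.
    Any call at all counts, including a harmless-looking sts:GetCallerIdentity."""
    key = rec.get("userIdentity", {}).get("accessKeyId")
    canary = registry.get(key)
    if canary is None:
        return None
    ip = rec.get("sourceIPAddress", "")
    asn = asn_of(ip)
    new_asn = asn not in canary["seen_asns"]
    canary["seen_asns"].add(asn)   # learn the baseline so a repeat from this ASN is not "new"
    return Trip(key, rec.get("eventName", ""), ip, asn, new_asn, canary["planted_in"])

def scan(raw: str, asn_of: Callable[[str], int], registry: dict) -> list:
    """Scan a CloudTrail-style JSON document ({"Records": [...]}) for canary trips."""
    records = json.loads(raw).get("Records", [])
    return [t for t in (check_record(r, asn_of, registry) for r in records) if t]

# Constructed sample: one canary touch from an unseen ASN, one legitimate call, one repeat.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventName": "GetCallerIdentity", "eventSource": "sts.amazonaws.com",
     "sourceIPAddress": "203.0.113.7", "userIdentity": {"accessKeyId": "AKIAEXAMPLECANARY001"}},
    {"eventName": "ListBuckets", "eventSource": "s3.amazonaws.com",
     "sourceIPAddress": "198.51.100.20", "userIdentity": {"accessKeyId": "AKIAREALPRODKEY00001"}},
    {"eventName": "ListBuckets", "eventSource": "s3.amazonaws.com",
     "sourceIPAddress": "203.0.113.9", "userIdentity": {"accessKeyId": "AKIAEXAMPLECANARY001"}},
]})
SAMPLE_ASN = {"203.0.113.7": 64500, "203.0.113.9": 64500, "198.51.100.20": 64496}

if __name__ == "__main__":
    for trip in scan(SAMPLE_LOG, lambda ip: SAMPLE_ASN.get(ip, 0), new_registry()):
        print(trip)
```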
// WHY IT WORKS

Because Vantuz watches decoys rather than packets, it works even when attackers hide inside encrypted traffic: it does not need to inspect every packet, only the decoys that an intruder would touch.

FILE № 02 · PIPELINE

From suspicious touch to useful context.

Every trip runs through the same explainable chain. The AI adds context; deterministic scoring and audit logs keep the response defensible.

T+0ms
Trap touched
A decoy credential, URL, document, package or AI canary reports activity.
T+3s
IP enrichment
VirusTotal · AbuseIPDB · Shodan · GeoIP · ASN.
T+5s
Risk score calculated
Deterministic 0-100. Same inputs always produce the same score.
T+8s
MITRE ATT&CK mapped
Tactics + techniques attached, ready for SIEM.
T+15s
Actor classified
human-novice · human-expert · script · autonomous agent.
T+30s
Response prepared
Recommended hardening, suggested follow-on traps and deterministic containment options.
T+60s
Evidence dossier generated
Incident PDF with timeline, evidence and response notes for security and compliance review.
FILE № 03 · CONTAINMENT

Actionable response, not another queue.

Vantuz turns each incident into ranked hardening work, suggested follow-on traps and controlled containment options. Destructive actions stay deterministic, reversible and gated by your policy.

aws.revoke
Revoke exposed AWS IAM keys when your policy allows it
cf.block
Block attacker IPs at Cloudflare when your policy allows it
webhook.post
Send signed events to your own incident workflow
evidence.pdf
Generate an incident dossier for security and compliance review
hardening.plan
Rank defensive actions by impact, evidence and effort
trap.suggest
Recommend the next honeytoken based on the attacker path
collective.prior
Use anonymised collective priors only when privacy thresholds are met
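The pipeline's "deterministic 0-100, same inputs always produce the same score" step and the policy-gated containment actions above, written as an added example that is not Vantuz code: a pure scoring function over the enrichment facts the page lists, an ATT&CK mapping, and a gate that only adds aws.revoke or cf.block when the assumed policy allows it. The weights, thresholds, policy shape and primitive-to-technique mapping are assumptions made for illustration.

```python
import hashlib
import json
from dataclasses import dataclass

@dataclass(frozen=True)
class Enrichment:
    primitive: str              # which trap tripped, e.g. "aws.cred"
    new_asn: bool               # ASN never seen for this token before
    country_in_footprint: bool  # GeoIP country is one you operate in
    abuse_confidence: int       # AbuseIPDB-style confidence, 0-100
    vt_malicious: int           # VirusTotal engines flagging the source IP

# Assumed weights: a touch on a decoy is itself the confirmed signal, enrichment adds on top.
WEIGHTS = {"touch": 40, "new_asn": 15, "foreign": 15, "abuse": 20, "vt": 10}

# Assumed mapping from primitive to ATT&CK technique IDs (real IDs, chosen for illustration).
MITRE = {"aws.cred": ["T1552.001", "T1078.004"], "cicd.canary": ["T1195.002", "T1078.004"]}

# Assumed customer policy: destructive actions need an explicit enable and a minimum score.
POLICY = {"aws.revoke": {"enabled": True, "min_score": 70},
          "cf.block": {"enabled": True, "min_score": 60}}

def risk_score(e: Enrichment) -> int:
    """Pure function of its input, so the same facts always give the same score."""
    score = WEIGHTS["touch"]
    score += WEIGHTS["new_asn"] if e.new_asn else 0
    score += WEIGHTS["foreign"] if not e.country_in_footprint else 0
    score += round(WEIGHTS["abuse"] * max(0, min(100, e.abuse_confidence)) / 100)
    score += WEIGHTS["vt"] if e.vt_malicious > 0 else 0
    return min(100, score)

def decide(e: Enrichment, policy: dict = POLICY) -> dict:
    """Build the incident record: score, techniques, gated actions and an audit id that
    is a hash of the record itself, so two runs on equal input match exactly."""
    score = risk_score(e)
    actions = ["webhook.post", "evidence.pdf"]  # non-destructive, always prepared
    for name, rule in sorted(policy.items()):
        if rule["enabled"] and score >= rule["min_score"]:
            actions.append(name)
    record = {"primitive": e.primitive, "score": score,
              "techniques": MITRE.get(e.primitive, []), "actions": actions}
    record["audit_id"] = hashlib.sha256(
        json.dumps(record, sort_keys=True).encode()).hexdigest()[:16]
    return record

if __name__ == "__main__":
    print(decide(Enrichment("aws.cred", True, False, 85, 3)))
```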
FILE № 04 · INTEGRATIONS

Built around the stack small teams already use.

AWS
Cloudflare
GitHub
Slack
PagerDuty
SIEM
Webhook
+ Signed webhook for everything else
FILE № 05 · ARCHITECTURE

No agent. No surface.

Vantuz lives outside your infrastructure. No daemon to install, no privileged access, no kernel module, no extra attack surface. You plant tokens. We watch the world for them.

  • Zero software deployed on customer systems
  • Outbound-only triggers, no inbound connections
  • EU data residency · GDPR by design
  • Destructive response gated by deterministic policy, not an LLM

ARCH · v2026.05 (diagram): your infrastructure (AWS account, K8s cluster, wiki / Notion, CI/CD secrets, shared drives) with tokens planted → trip → Vantuz · EU (trigger receiver → enrichment → risk scoring → MITRE mapping → actor classifier → containment engine). Outbound-only, no inbound; no daemon, no agent.

FILE № 06 · DEPLOY

See what Vantuz would plant in your environment.

EU core data plane · NIS2 incident-ready · No agent on your network