Regulated European enterprise

Managed deception for regulated European enterprise.

The same managed SSH honeypot platform built for EU government cyber agencies, scoped for regulated F500-equivalent European enterprise — Bayesian attacker-behaviour modelling, SHA-256 / keccak256 evidence batches, and EU-region storage by default.

Deployment profile
Buyers
Regulated EU enterprise · CISOs
Data residency
EU-region (Supabase EU)
Evidence
SHA-256 + keccak256, append-only
Regulatory frame
GDPR · NIS2
SLA model
Tiered (Bronze → Classified)

What the platform actually does

Six operational properties of the deception layer as it stands today. No promised ROI, no fabricated breach counts. Roadmap items are flagged.

SSH honeypot deception layer

Managed deception infrastructure deployed at your enterprise perimeter. Attackers engage the decoy environment while your production systems remain unaffected.

Managed service

Attacker-only data scope

The honeypot environment never ingests customer or employee PII. Evidence batches are scoped to attacker observations only.

No PII ingest

Bayesian behaviour inference

Probabilistic modelling of attacker actions, surfaced as auditable session metadata with confidence weights.

Bayesian modelling

Tiered SLA model

Bronze, Silver, Gold, Classified tiers with documented response times. Annual fee per tier; tier matrix in the procurement file.

4 tiers documented

Tamper-evident evidence chain

Every observed session is hashed (SHA-256, keccak256 variant) and batched into an append-only log. Audit-defensible against downstream forensic review.

SHA-256 batched

EU-region storage

Evidence batches live in an EU-region Supabase project. No transatlantic data movement without explicit customer authorization.

EU residency

Industry-specific deception scope

The honeypot environment is scoped per sector. Each engagement defines its own decoy infrastructure to mirror the operational network the attacker expects to find.

Financial Services

Sector-specific deception scope

Primary Threats

  • APT groups
  • Ransomware
  • Insider reconnaissance
  • Regulatory exposure

Protection Solutions

  • Per-sector deception scoping
  • Tamper-evident session logs
  • EU-region data residency
  • NIS2-aware incident reporting

Technology

Sector-specific deception scope

Primary Threats

  • IP reconnaissance
  • Supply-chain probing
  • Repository ingress attempts
  • Cloud-perimeter scanning

Protection Solutions

  • Development-perimeter honeypots
  • Source-repository decoys
  • CI/CD pipeline traps
  • Cloud-infrastructure mirrors

Manufacturing

Sector-specific deception scope

Primary Threats

  • OT/IT convergence probes
  • Supplier-perimeter probing
  • Production-network reconnaissance
  • SCADA-targeted scans

Protection Solutions

  • Factory-floor decoy networks
  • SCADA-protocol honeypots
  • Supplier honeynets
  • Production-line shadow systems

Healthcare

Sector-specific deception scope

Primary Threats

  • Patient-data reconnaissance
  • Medical-device targeting
  • Research-IP probing
  • Ransomware staging

Protection Solutions

  • Electronic-record decoys
  • Medical-device honeypots
  • Research-data shadow systems
  • Patient-portal mirrors

Commercial framing

We do not publish a multi-year ROI multiplier. The cost of a successful breach varies by sector, jurisdiction, and disclosure regime; published averages depend on methodology choices a serious procurement evaluator will rightly question. The tier matrix and annual fee per tier are part of the procurement file we share under NDA.

What we share publicly

  • Tier model (Bronze, Silver, Gold, Classified)
  • Response-time commitments per tier
  • EU-region data-flow diagram
  • Cryptographic scheme for evidence batching

Available under NDA

  • Annual fee per tier
  • Reference customer (with their written consent)
  • Threat model and data-flow detail
  • SLA breach remediation policy
Request the procurement file

Customer references on request

We do not publish unsourced quotes or unverifiable testimonials. Reference customers are made available, with their written permission, to procurement evaluators who can demonstrate budget and timeline. The pre-evaluation form is on the contact page.

Request a reference

Two paths into PHANTAQSM

A live walkthrough against a staging environment, or a written briefing for the procurement file. Both routes go through the same Brussels-based team.

SLA matrix shared under NDA
Annual fee per tier
EU-region operations