Technology Demonstration

See PHANTAQSM'sSSH Honeypot Deception Stack

An SSH honeypot deception platform for EU government and regulated European enterprise. Early-stage, Brussels-based, built for GDPR/NIS2-aware deployments.

How the Deception Platform Works

SSH honeypot deception, attacker-behaviour modelling, and tamper-evident evidence

SSH Honeypot Deception

SSH honeypots and decoys designed to engage attackers and observe their behaviour in a controlled environment.

Designed to demonstrate:
  • • SSH honeypot session capture
  • • Decoy services and credentials
  • • Controlled attacker engagement
  • • EU-region hosting and data residency

Attacker-Behaviour Modelling

Bayesian and Markov modelling of attacker behaviour to characterise and classify observed activity.

Designed to demonstrate:
  • • Bayesian classification of activity
  • • Markov modelling of attacker sequences
  • • Session and command analysis
  • • Deception engine orchestration

Tamper-Evident Evidence

Evidence records hashed with SHA-256/keccak256 to make later modification detectable.

Designed to demonstrate:
  • • SHA-256/keccak256 hashed evidence records
  • • Tamper-evident audit trails
  • • Attacker-behaviour attribution
  • • EU-region data residency

Technology in Action

Walkthroughs designed to demonstrate how the deception platform engages and analyses attacker activity

SSH Honeypot Engagement

8min Demo

Designed to demonstrate how SSH honeypots capture and analyse attacker sessions

Demo Highlights:
  • • SSH honeypot session capture
  • • Bayesian classification of activity
  • • Markov modelling of attacker sequences
  • • Decoy services and credentials

Decoy Environment Response

12min Demo

Designed to demonstrate how decoys present a believable target surface to attackers

Demo Highlights:
  • • Decoy services and credentials
  • • Configurable deception layouts
  • • Multi-layered deception architectures
  • • Attacker engagement and analysis

Tamper-Evident Evidence Engine

6min Demo

Designed to demonstrate how evidence records are hashed to make tampering detectable

Demo Highlights:
  • • SHA-256/keccak256 hashed evidence records
  • • Attacker-behaviour attribution
  • • Tamper-evident evidence records
  • • Tamper-evident audit trails

End-to-End Walkthrough

20min Demo

Designed to demonstrate the full deception-to-evidence flow end to end

Demo Highlights:
  • • Simulated SSH intrusion attempt
  • • Honeypot engagement and decoy response
  • • Attacker-behaviour attribution and evidence
  • • Tamper-evident evidence record output

What We Are Building Toward

PHANTAQSM is early-stage and pre-pilot. The areas below describe what the platform is designed to measure; no benchmarks have been independently validated yet.

Detection latency

Honeypot Detection

Time to capture and classify SSH honeypot activity — to be measured in pilots

Deception quality

Decoy Believability

How convincingly decoys engage attackers — to be evaluated in pilots

Evidence integrity

Tamper-Evidence

SHA-256/keccak256 hashing designed to make later modification of evidence detectable

Throughput

Concurrent Sessions

Number of honeypot sessions handled concurrently — to be measured in pilots

Access Technology Demonstrations

Choose the demonstration format that best fits your evaluation needs

Video Demonstrations

Pre-recorded technical deep-dives

Available Now
  • • Deception platform overview
  • • Individual component deep-dives
  • • Roadmap and pilot plans
  • • Approach and positioning
Recommended

Live Interactive Demo

Real-time demonstration with Q&A

Scheduled
  • • Live SSH honeypot walkthrough
  • • Decoy environment demonstration
  • • Interactive attack simulations
  • • Technical Q&A with the team

Private Technical Review

Exclusive session for qualified investors

By Invitation
  • • Source code architecture review
  • • Technical team interviews
  • • Roadmap and IP discussion
  • • Differentiation and positioning

How We Approach the Problem

The deception design choices and evidence model that shape PHANTAQSM

Deception Design

SSH Honeypots and Decoys

A controlled deception surface designed to engage and observe attackers

Attacker-Behaviour Modelling

Bayesian and Markov modelling to characterise observed activity

EU-Region Hosting

EU-region hosting and data residency, GDPR/NIS2-aware by design

Evidence and Analysis

Behavioural Modelling

Bayesian and Markov methods to classify attacker activity

Session Analysis

Capture and analysis of SSH sessions and attacker commands

Tamper-Evident Evidence

SHA-256/keccak256 hashed evidence records, designed to make tampering detectable (not court-admissible, not certified)

See the Deception Platform in Action

PHANTAQSM is an early-stage SSH honeypot deception platform built for EU government and regulated European enterprise. Request a technology demonstration today.