Harshad Sadashiv Kadam
Indeed Inc, Senior Infrastructure Security Engineer
Austin, Texas, United States
Actions
Harshad Sadashiv Kadam is a Senior Security Infrastructure Engineer at Indeed with over a decade of experience driving Zero Trust, SASE, and multi-cloud security for global enterprises. He thrives at the intersection of strategy and hands-on engineering, designing next-generation defenses against AI-driven threats while mentoring emerging security talent.
Previously a Cloud Infrastructure Engineering Manager, Harshad led global cloud migrations and large-scale reliability initiatives, delivering multimillion-dollar efficiencies and strengthening operational resilience. As a mentor and AI-Champions Guild leader, he is passionate about fostering inclusion and inspiring the next generation of security innovators.
Links
Area of Expertise
Topics
Teaching AI Agents to Fear the Dark: Deception Engineering for Autonomous AI Systems
You approved the agent. You configured the allowlist. You assumed the boundary held. Then the agent went further than you expected and nothing in your stack saw it happen.
AI agents using the Model Context Protocol can automatically discover and invoke exposed tools, creating reconnaissance-stage blind spots before traditional controls trigger. This session presents MCP Threat Incubator: an agentic deception approach that uses honeytrap MCP tools and decoy credential artifacts to detect unauthorized and high-risk tool usage early across AI-native environments.
The session builds from problem to deployment with a live detection demo at the center. Real telemetry from live deployments revealed two distinct behavioral populations: automated scanners that enumerate fast and shallow, and AI-driven agents that enumerate deliberately, select specifically, and then escalate. The trap caught both. The agents didn't know the dark was watching back.
Key Takeaways:
Where MCP tool ecosystems create early reconnaissance blind spots
How auto-approved agentic workflows enable tool misuse before policy layers activate
How agentic deception honeytraps detect credential-seeking behavior
How to design believable, safe deception MCP tools
How two-stage deception signals improve detection confidence
How to deploy deception patterns across AI-native tool environments
FlareGuard Edge: Catching Misconfigurations Before They Become Breaches
FlareGuard Edge is an open-source, serverless posture engine that audits configurations in real time using APIs and YAML baselines. No dashboards or agents—just fast, transparent checks that catch misconfigurations and drift before they turn into breaches.
Traditional CSPMs often overpromise and underdeliver—expensive, delayed, and dependent on centralized dashboards.
FlareGuard Edge explores a different model: posture management that lives at the edge and runs entirely on open runtimes and public APIs.
This session walks through the journey of building a minimal, serverless posture engine that scans configurations for DNS, WAF, and TLS in real time, maps results to NIST/CIS controls, and outputs actionable baselines—all defined in YAML.
We’ll cover how this proof-of-concept evolved from a single-zone test into a reusable framework that any team could adapt for multi-zone or multi-cloud posture audits.
The goal is to share an approach: open, scalable, and ready for experimentation.
Attendees will leave with baseline templates, architecture patterns, and practical lessons for building posture as code—without relying on vendor dashboards.
MCP Kube Trap: Agentic Deception at the Edge for Zero Trust AI Environments
AI assistants and agentic developer tools can now discover services, enumerate tools, and request credentials through natural language workflows. When these agents interact with Kubernetes-related systems, early reconnaissance and credential harvesting behavior often produces little to no traditional security signal, especially when tools are accessed through MCP gateways and multi-server portals.
This talk presents the Kubernetes MCP Trap, a deception-based detection approach that simulates a realistic Kubernetes access portal and tool surface using the Model Context Protocol. The system exposes believable helper functions alongside controlled decoy artifacts, including kubeconfig credentials and token workflows that are specifically designed to detect agentic reconnaissance and credential artifact harvesting.
The trap is deployed as a serverless edge service and can be registered behind an MCP gateway or portal alongside legitimate MCP servers. This allows defenders to safely mix real and decoy tool surfaces in the same discovery path. When an agent or tool client retrieves or attempts to use the decoy kubeconfig, multiple high-signal detections are generated. These include signed artifact access events, canary credential activation, and telemetry beacons that help attribute tool clients and intent patterns without connecting to any real cluster.
The session includes a live demo showing agentic tool discovery through an MCP gateway, safe and decoy tool interaction, decoy credential retrieval, canary activation on kubectl use, and detection telemetry generated from edge signals.
Attendees will learn how to design safe and decoy tools, place credential artifacts strategically, instrument MCP gateway surfaces, and use deception techniques to detect reconnaissance and misuse across AI-assisted developer and Kubernetes workflows.
MCP Deception Incubator — Honeytraps as a Framework for Zero Trust AI Environments
As AI agents gain autonomy through the Model Context Protocol (MCP), they increasingly access internal APIs, secrets, and systems - often beyond traditional visibility or control. These agent-to-agent (A2A) interactions introduce reconnaissance blind spots and new exposure pathways inside Zero Trust environments. Building on continued research, this session unveils the MCP Deception Incubator - a deception-as-a-framework approach designed to detect rogue AI behavior at the reconnaissance stage.
Built on serverless edge workers and open deception primitives such as Canarytokens, the framework enables defenders to deploy no-cost, high-fidelity MCP honeytraps across multiple surfaces - APIs, DNS, kubeconfigs, and credentials - without operational overhead. It integrates seamlessly with MCP Gateways - the interface layer that brokers communication between AI agents and organizational systems- to deliver early, metadata-rich visibility into autonomous activity. When an AI agent interacts with a decoy endpoint, the resulting telemetry exposes its reasoning sequence, access path, and tool awareness, turning passive reconnaissance into actionable intelligence.
Through a live demo, we’ll show how these edge-based traps are triggered in real time and how the resulting alerts integrate with SOC pipelines for correlation, rotation, and ongoing visibility. The talk then unpacks the framework’s architecture, showing how deception can be operationalized within any MCP Gateway or AI integration layer. Finally, the session reframes deception from isolated traps into an orchestrated Zero Trust signal layer, enabling organizations to transform AI curiosity into proactive defense. Attendees will leave with reference templates, architectural patterns, and practical lessons to embed deception into their own AI-security workflows.
MCP Threat Trap: Deception Engineering for Zero Trust AI Access
This session is for defenders, detection engineers, and curious red teamers exploring how Zero Trust meets deception engineering in the age of AI orchestration. We’ll break down how we built “MCP Threat Trap,” a honeypot that:
- Simulates sensitive internal tools (like Okta admin password resets) over the MCP protocol, with realistic delays, secure error handling, and SSE streams that mimic enterprise APIs.
- Silently triggers advanced Canarytokens, capturing rich metadata (user agent, IP, and sensitive account attempts) without tipping off intruders.
- Runs entirely on Cloudflare’s global edge via Workers, with no EC2, patching, or infrastructure to manage-making it stealthy and instantly scalable.
- Turns random scans into actionable intelligence, feeding Zero Trust policies and arming your incident team with context-rich alerts.
Along the way, we’ll share:
-Real unsolicited hits from the wild, from abuse-flagged cloud scanners to curious humans after we posted the project.
- How we validated this with OWASP AI Security scenarios, catching AI-agent driven reconnaissance.
- Ideas for evolving it into adaptive deception surfaces that dynamically change as attackers interact.
Key Takeaways
- Learn how to build a zero-infrastructure deception honeypot using Cloudflare Workers + MCP, tailor-made to catch AI-driven or automated recon.
- See how Thinkst Canarytokens detect unauthorized probes with near-zero false positives.
- Understand how deception engineering integrates into modern Zero Trust, providing passive intelligence without exposing real systems.
- Walk away with a repeatable blueprint to deploy your own globally distributed honeypot - plus key mistakes to avoid.
FlareGuard Edge: Building a Serverless CSPM at the Edge (Without Selling Your Soul to Vendors)
This talk dives into how I built FlareGuard Edge — a serverless tool that audits cloud security configurations using only public APIs and YAML. No dashboards. No vendors. No sales pitches.
I’ll walk you through the end-to-end journey of building this tool with edge runtimes (like Cloudflare Workers), mapping configurations to NIST controls, and catching real misconfigurations in production environments.
You’ll learn:
Why traditional CSPM tools often overpromise and underdeliver
How YAML-defined baselines and edge code can close security gaps
How to turn platform APIs into proactive security audits
If you’ve ever thought, “I could build a simpler version of this”, this talk is for you.
No fluff. No FUD. Just real engineering for defenders.
BSidesPGH 2026 Sessionize Event Upcoming
BSides Boulder 2026 Sessionize Event Upcoming
OWASP 25th Anniversary Virtual Conference (Feb) - CfP Sessionize Event
BSides SWFL 2025 Sessionize Event
BSidesChicago 2025 Sessionize Event
BSides Orlando 2025 Sessionize Event
Harshad Sadashiv Kadam
Indeed Inc, Senior Infrastructure Security Engineer
Austin, Texas, United States
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top