Deployment

Launch Decoys with API, Kubernetes, Docker Compose, or Systemd

Deploy decoys where your security program runs today in cloud, on-prem, or hybrid. Use API bootstrap for fast host rollout, Kubernetes manifests for cluster operations, Docker Compose for container-first environments, or Systemd for Linux service management. The goal is simple: fast, consistent rollout with enterprise-ready operational control.

Honeypot Deployment Options

Choose the model that best matches your environment and governance requirements

Cloud Native

Deploy decoys quickly in cloud environments with Kubernetes manifests or container-first workflows.

  • Manifest-based rollout for cluster environments
  • Container deployment with Docker Compose support
  • System service deployment with Systemd support
  • Rapid expansion across cloud regions
  • Centralized visibility for distributed decoys

On-Premises

Run decoys in internal environments where data control and network policy are strict.

  • API bootstrap deployment option
  • Kubernetes manifest deployment option
  • Docker Compose deployment option
  • Systemd deployment option
  • Local network segmentation compatibility
  • Policy-aligned deception placement

Hybrid

Combine cloud and on-prem deployments under one deception strategy.

  • Consistent deployment model across environments
  • Unified operations for distributed decoys
  • Flexible rollout by business unit or region
  • Single response workflow for all signals

Architecture Highlights

Built for practical security operations, repeatability, and scalable rollout

Deployment Simplicity

Start fast with repeatable deployment packages designed for security teams and platform teams.

  • API bootstrap for fast host rollout
  • Kubernetes manifests for cluster-first teams
  • Docker Compose for container-first teams
  • Systemd service flow for Linux operations teams
  • Consistent rollout steps across environments
  • Fast expansion without redesigning your stack

Operational Fit

Deploy decoys in ways that align with existing change control and security governance.

  • Structured rollout by environment and scope
  • Clear ownership between security and platform teams
  • Controlled updates and versioning practices
  • Repeatable quality across new deployments

Scale By Risk Priority

Begin with high-risk pathways and extend coverage as your program matures.

  • Pilot in one environment, then replicate
  • Expand decoy coverage by critical asset paths
  • Standardize deployment playbooks
  • Keep one operating model at enterprise scale

Deployment Model

Honeypots can be deployed through four practical paths depending on your environment and operating model.

  • One-line curl bootstrap to the API for fast host deployment
  • Bootstrap flow installs Docker automatically when it is not already present
  • Kubernetes manifest deployment with kubectl apply -f
  • Docker Compose deployment for container-first server workflows
  • Systemd deployment for managed Linux service operations
  • Consistent rollout process across cloud, on-prem, and hybrid environments 
# Option 1: API bootstrap
curl -fsSL https://api.neroswarm.com/deploy.sh | bash

# Option 2: Kubernetes manifest workflow
kubectl apply -f neroswarm-honeypot.yaml

# Option 3: Docker Compose workflow
docker compose up -d

# Option 4: Systemd workflow
sudo systemctl enable --now neropot

How Teams Use This

Concrete deployment workflows from pilot to enterprise scale

Fast pilot in one environment

Security teams deploy a first decoy set with API bootstrap or Docker Compose, validate alert quality, then hand off expansion to platform owners.

  • Start quickly without changing existing SOC workflow
  • Validate telemetry before broad rollout

Cluster-first production rollout

Platform teams apply Kubernetes manifests per environment and keep deployment patterns consistent across clusters and teams.

  • Standardized rollout with kubectl apply -f
  • Repeatable process across regions and business units

Hybrid operating model

Organizations combine API bootstrap, Kubernetes, Compose, and Systemd flows to cover cloud and on-prem zones under one operating playbook.

  • One governance model for mixed estates
  • Consistent escalation and response ownership

Ready to deploy decoys at scale?

Talk to our team about rollout planning, environment fit, and deployment best practices.

Contact Sales