Meet us at Black Hat USA 2026 · Join the founders →
Product
Platform
AWS
AWS
Azure
Azure
CI/CD
CI/CD
Google Cloud
Google Cloud
Identity
Identity
Kubernetes
Kubernetes
Workstations
Workstations
Credentials & artifacts
Credentials & artifacts
Use cases
AI Agent Detection
Cloud & Kubernetes Breach
Insider Threat Detection
Supply Chain & CI/CD Attack
Workstation Compromise
PricingCustomers
Resources
  • ResearchAbout
  • Careers
  • Contact
Community Edition
Book a demoCommunity Edition
All posts

·

Product

Canaries in the Wild - Episode 5: Ollie Whitehouse

Andy Smith

July 9, 2026

July 9, 2026

·

2

min read

I am the text that will be copied.

Episode 5 of Canaries in the Wild is live - and our first in-person recording. We sat down in central London with Ollie Whitehouse, CTO of the UK's National Cyber Security Centre (NCSC),  the security mission of GCHQ.

Ollie has been running deception for over 23 years, from personal honeypots in 2002 to leading NCSC's national-scale cyber deception programme today. He brings a perspective that spans hobbyist, vendor, practitioner, and national policymaker.

Two decades of catching adversaries

From the early days of the Honeynet Project to catching a criminal zero-day that a vendor had spent eight days failing to root-cause, Ollie shares stories from the front line of deception.

Why deception, why now

Hear the case for deception as one of the very few asymmetric tools available to defenders - low-cost to deploy, high-signal when it fires, and uniquely psychological in its effect on the people on the other end.

Ollie explains how that effect compounds at national scale, and why being open about national-level deployment is itself part of the strategy: making certain adversaries pause and ask whether the UK is a more hostile or unwelcome environment to operate in than somewhere else.

Inside NCSC's national deception programme

Ollie walks through the why and the what of the programme, from Decepticon to the first wave of findings, and where the Active Cyber Defence service goes next.

AI, synthetic data, and the lack-of-noise signal

How AI changes the picture for both attackers and defenders, and why the lack of canary alerts is itself a high-value signal.

Listen Now

Listen to Episode 5 here.

Table of contents
Subscribe to our newsletter

Subscribe to receive the latest research and product updates to your inbox every week.

By subscribing you agree to our privacy policy
Thank you! Check your inbox for your first edition.
Oops! Something went wrong while submitting the form.
Subscribe to newsletter

Subscribe to receive the latest research and product updates to your inbox every week.

By subscribing you agree to with our Privacy Policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

The latest security research straight to your inbox

Subscribe to our newsletter to receive regular updates from our research and product teams

By subscribing you agree to our privacy policy
Thank you! Check your inbox for your first edition.
Oops! Something went wrong while submitting the form.
Soc 2 Type 2 imageCheckmark imageAWS Qualified software illustration
PLATFORM
AWS
Azure
CI/CD
Google Cloud
Identity
Kubernetes
Workstations
Credentials & artifacts
USE CASES
AI Agent Detection
Cloud & Kubernetes Breach
Insider Threat Detection
Supply Chain & CI/CD Attack
Workstation Compromise
COMPANY
CustomersResearchAboutCareersContactStatusCommunity Edition
SOCIAL
© 2026 Tracebit
Privacy PolicyTerms of ServiceCookie Settings