In the rapidly changing cybersecurity landscape, fully automated and dynamically scaled offensive cloud-targeted attacks are evading some of our strongest defensive strategies. This presentation introduces the " HoneyCloud " project - a novel approach for collecting and analyzing cloud-centric cyber threats. This talk aims to provide a comprehensive understanding and analysis of real-world targeted cloud incidents that were captured in our HoneyCloud environment. We will use these real-world cases to discuss how fully automated and dynamically scaled offensive operations are detected by dynamic and scalable defensive operations. A HoneyCloud can allow researchers to collect malicious operations from live cloud environments forensically, let's learn how to make and use them!