The disclosure relates to provisioning honeypot computing services using computing resources in a defective computing resource pool. In one example, a computing system can generate a maliciousness score for a received resource allocation request, determine that the generated maliciousness score exceeds a maliciousness threshold and identify a computing resource in a defective resource pool that is eligible to satisfy the request. The system can then provision honeypot computing services to fulfill the request, using the identified computing resource in the defective resource pool.