This week we’re joined by Haroon Meer from Thinkst — the makers of Canary and Canary Tokens. Haroon walks us through a network getting compromised, what it takes to deploy a Canary on your network, how they maintain low false-positive numbers, their thoughts and principles on building their business (major wisdom shared!), and how a Canary helps surface network attacks in real time.
Changelog++ members get a bonus 4 minutes at the end of this episode and zero ads. Join today!
Sponsors:
CHANGELOG
and get the team plan FREE for three (3) months.
Featuring:
Show Notes:
Something missing or broken? PRs welcome!
Timestamps:
(00:00) - This week on The Changelog
(01:00) - Sponsor: Statsig
(04:28) - Start the show!
(05:32) - Canary tokens
(10:03) - The footprint of a Canary
(14:23) - The Homelab lens
(16:43) - Fingerprinting a Canary
(18:45) - Masquerading as many things
(24:02) - Ratio of Canaries to real hardware?
(28:47) - Sponsor: Sentry
(32:26) - False positives
(34:11) - How are attackers getting in?
(39:10) - How do you masquerade well?
(41:45) - Bootstrapping Thinkst and Canary
(53:31) - Adding too many things
(59:35) - Just be kind
(1:03:21) - Regarding dead Canaries
(1:05:53) - How Canaries get deployed
(1:12:00) - Sponsor: Changelog News
(1:13:44) - Do you care about hardware?
(1:20:06) - Adam's attack!!
(1:25:10) - Where else can/will you go?
(1:29:04) - Thoughts on the VC model
(1:40:51) - Save it for ++
(1:41:40) - Up next!
This episode is from The Changelog: Software Development, Open Source whose proprietor has full ownership and responsibility on its contents and artworks. It was shared using Castamatic, a podcast app for iPhone and iPad.