Haroon Meer, co-founder of Thinkst and creator of innovative security solutions like Canary and Canary Tokens, discusses the nuances of network security. He elaborates on deploying canaries to detect real-time attacks while minimizing false positives. Haroon shares valuable insights into the development of canary tokens as proactive measures against cyber intrusions. He also touches on the balance of innovation and user experience, navigating funding challenges in tech entrepreneurship, and the importance of ethical practices to build customer loyalty.
Canaries and Canary Tokens are products developed by ThinkS that help businesses identify network attacks and breaches.
ThinkS emphasizes the importance of simplifying the process of network security, offering straightforward and user-friendly solutions like canaries and tokens.
ThinkS takes a considered approach when adding new features to their products, prioritizing delivering value without overwhelming users with unnecessary complexity.
ThinkS has chosen not to regularly increase their prices, focusing on providing fair and consistent pricing to maintain customer trust and loyalty.
Deep dives
Overview of Canaries and Canary Tokens
Canaries and Canary Tokens are products developed by ThinkS that help businesses identify network attacks and breaches. Canaries are deployed on networks and act as honeypots, attracting attackers and providing a high-quality signal when an attack occurs. Canary Tokens, on the other hand, are small devices or files that can be placed strategically to monitor specific activities. These tokens generate alerts when unauthorized access or usage is detected. The focus of ThinkS is to make the deployment of canaries and tokens easy, maintenance-free, and with minimal false positives to ensure their effectiveness in detecting and mitigating security risks on networks.
The Importance of Simplifying Network Security
ThinkS emphasizes the importance of simplifying the process of network security. They believe that many companies lack the resources and expertise to build and maintain sophisticated security infrastructure. By offering straightforward and user-friendly solutions like canaries and tokens, ThinkS enables businesses of all sizes to enhance their security posture without requiring significant investments or dedicated security teams. Moreover, their focus on minimizing false positives ensures that security teams can prioritize real threats and take prompt action.
Balancing Features and User Experience
ThinkS takes a considered approach when adding new features to their products. They prioritize delivering value without overwhelming users with unnecessary complexity. By carefully selecting which capabilities to include and ensuring that they align with customer needs, ThinkS avoids feature bloat and maintains a streamlined and user-friendly experience. This approach has resonated with customers and has allowed ThinkS to establish long-term relationships built on trust and product effectiveness.
Building a Sustainable Business Model
Unlike many other companies, ThinkS has chosen not to regularly increase their prices. They believe in providing fair and consistent pricing to their customers. This decision is driven by their commitment to delivering value and maintaining customer trust. By focusing on generating goodwill, attracting talent, and prioritizing customer needs, ThinkS has achieved steady growth and positioned themselves as a strong competitor, even without following the traditional VC-backed growth trajectory.
Building a Business Based on Kindness
The podcast episode discusses how the company's approach of being affordable and adding value to their customers' lives has helped them maintain customer loyalty, even during difficult times like COVID-19. They prioritize building long-term relationships with their customers and treating them with kindness and forgiveness. By focusing on the craft of their product and providing an easy deployment process, they attract customers who appreciate their dedication. The podcast emphasizes the importance of staying grounded in the purpose of building a good product and avoiding the distractions of chasing funding or trying to appease investors.
Hardware and Software Evolution
The podcast explores the evolution of the company's hardware and software. They initially started with printed versions of their product, then transitioned to custom-made hardware based on the Raspberry Pi platform. They have their own custom kernel for packet mangling and a hardened image to accommodate their specific needs. They have also optimized their communication channel between the client and the server via DNS, allowing for seamless updates and configurations. The company emphasizes the importance of adapting and learning from hardware supply chain challenges, as well as continuously improving the design and functionality of their hardware devices.
Product Focus and VC Funding
The podcast delves into the company's decision to stay focused on their product rather than pursuing venture capital (VC) funding. They discuss the distraction and loss of product focus that can come with the VC funding route. They believe that building a great product that customers want is a quicker path to success. They highlight the problem in the industry where funding is seen as a proxy for quality, allowing bad products to survive longer than they should. They challenge the traditional VC model, suggesting that it may not be well suited for building good security companies and encourage founders to prioritize product development and customer satisfaction over maneuvering to secure funding.
This week we’re joined by Haroon Meer from Thinkst — the makers of Canary and Canary Tokens. Haroon walks us through a network getting compromised, what it takes to deploy a Canary on your network, how they maintain low false-positive numbers, their thoughts and principles on building their business (major wisdom shared!), and how a Canary helps surface network attacks in real time.
Changelog++ members get a bonus 4 minutes at the end of this episode and zero ads. Join today!
Sponsors:
Statsig – Build faster with confidence. Startups to Fortune 500s rely on Statsig to make data-driven decisions. Ship smarter and faster with the unified platform for feature flags, experimentation, and analytics. Our listeners get free white-glove onboarding, migration support, and 5 million free events per month.
Sentry – Watch Lazar Nikolov livestream on YouTube at youtube.com/@nikolovlazar. Use the code CHANGELOG and get the team plan FREE for three (3) months.
Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com
