The Changelog: Software Development, Open Source

Attack of the Canaries! (Interview)

Sep 13, 2023

01:43:36

Snipd AI

This week's guest is Haroon Meer, Co-founder of Thinkst, the makers of Canary and Canary Tokens. Haroon discusses the deployment of canaries on networks for real-time attack detection. They also talk about the effectiveness of canaries and canary tokens in network security, the targeting of forgotten systems by attackers, the importance of disabling and removing features, and their journey in building their company. They touch on topics like developing a honeypot, earning the right to work on more interesting problems, and optimizing the DNS channel for communication with the console. The discussion also includes challenges faced and the emphasis on product quality rather than just fundraising.

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Canaries and Canary Tokens are products developed by ThinkS that help businesses identify network attacks and breaches.

ThinkS emphasizes the importance of simplifying the process of network security, offering straightforward and user-friendly solutions like canaries and tokens.

ThinkS takes a considered approach when adding new features to their products, prioritizing delivering value without overwhelming users with unnecessary complexity.

ThinkS has chosen not to regularly increase their prices, focusing on providing fair and consistent pricing to maintain customer trust and loyalty.

Deep dives

Overview of Canaries and Canary Tokens

Canaries and Canary Tokens are products developed by ThinkS that help businesses identify network attacks and breaches. Canaries are deployed on networks and act as honeypots, attracting attackers and providing a high-quality signal when an attack occurs. Canary Tokens, on the other hand, are small devices or files that can be placed strategically to monitor specific activities. These tokens generate alerts when unauthorized access or usage is detected. The focus of ThinkS is to make the deployment of canaries and tokens easy, maintenance-free, and with minimal false positives to ensure their effectiveness in detecting and mitigating security risks on networks.

Introduction

6min

Canaries and Canary Tokens in Network Security

15min

Attackers and Forgotten Systems

8min

Building a Mobile App and Documenting Framework Errors

5min

Importance of Disabling and Removing Features

9min

Journey to International Exposure and Developing a Honeypot

3min

Earning the Right to Work on More Interesting Problems

15min

Building Trust and Overcoming Challenges

6min

Discussion on a Tool for Stealing Information via SQL Injection Attacks

2min

10.

Optimizing the DNS Channel and Canary Updates

19min

11.

Not Just About Fundraising

16min

This week we’re joined by Haroon Meer from Thinkst — the makers of Canary and Canary Tokens. Haroon walks us through a network getting compromised, what it takes to deploy a Canary on your network, how they maintain low false-positive numbers, their thoughts and principles on building their business (major wisdom shared!), and how a Canary helps surface network attacks in real time.

Leave us a comment

Changelog++ members get a bonus 4 minutes at the end of this episode and zero ads. Join today!

Sponsors:

Statsig – Build faster with confidence. Startups to Fortune 500s rely on Statsig to make data-driven decisions. Ship smarter and faster with the unified platform for feature flags, experimentation, and analytics. Our listeners get free white-glove onboarding, migration support, and 5 million free events per month.
Sentry – Watch Lazar Nikolov livestream on YouTube at youtube.com/@nikolovlazar. Use the code CHANGELOG and get the team plan FREE for three (3) months.
Changelog News – A podcast+newsletter combo that’s brief, entertaining & always on-point. Subscribe today.
Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com

Featuring:

Haroon Meer – Twitter, LinkedIn, Website
Adam Stacoviak – Mastodon, Twitter, GitHub, LinkedIn, Website
Jerod Santo – Mastodon, Twitter, GitHub, LinkedIn

Show Notes:

Something missing or broken? PRs welcome!

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export