One Month with Thinkst

Recently, I was faced with a career dilemma.
  • Go back to the enterprise and be a CISO
  • Take a gig that would be part research, part bizdev
  • A research and writing gig
  • Consulting/Advisory work
  • Join another vendor
SPOILER: I chose the last one… but why?

Why Thinkst?

Thinkst Applied Research is the company behind the popular Canary product. Though they started off as more of a research firm that would build various products, the Canary product took off and has become their primary focus.
They are a moderately-sized company of enthusiastic industry veterans, developers and engineers that love to learn and try new things. They’ve managed a sort of startup nirvana: bootstrapped with a popular product that customers openly love and a great company culture. When Haroon pitched me the idea of joining to help out, I was immediately flattered, excited and skeptical.
I knew Canaries were wildly successful. It’s kinda hard to ignore. Especially hard to ignore when you’re working product marketing for another vendor, trying to figure out how to recreate that same fierce customer/brand loyalty and excitement. The chance to join a company that had already figured this out… yes. Very much yes, I wanted to be a part of that.
Though I knew much about the product, what did I know about the company? Not much, I had to admit. I knew that there were 10–15 employees. I knew they had never taken funding. Oh yeah — and they’re based in South Africa.
I had some reservations.
I’ve never been to the continent of Africa, much less South Africa. Not that they needed me there.
I have built a measure of trust with Haroon over the years. We’ve been chatting regularly over the last five years and we were both very much on the same page when it came to principles and InfoSec. He clearly knew how to execute on ideas. I was down for a chat at the very least.
My key reservations related to the ability of the company to support me and the distance between us (literally, not metaphorically). Specifically:
  1. Was this company large enough and stable enough to meet my salary needs without some sort of weird comp plan arrangement (note: I’ve never been a dedicated sales guy, so all comp plans are ‘weird’ to me)
  2. Though I was more than comfortable working remotely, being the only US employee of a South African company was super remote. How remote?
If you think my travel time to them looks bad, imagine what half the company goes through when attending Black Hat USA (another 5 hours West of me).
He had sold me on his product, but now, Haroon set his mind on selling me on his company. It was no less compelling. While Thinkst is small in employee count, they’re certainly not in terms of revenue, profits or customers. I’d say they handily beat 99% of the rest of the security industry by many metrics. For example, their revenue-to-employee ratio is probably double or triple the average I’ve seen in vendor-land. Let’s just say my concerns were addressed satisfactorily. #HumbleBrag #NewEmployee #BrowniePoints #Shameless
The distance was still a concern, however. Doing the math in my head, I realized Cape Town was six hours ahead of me. In fact, all of South Africa is one timezone — South Africa Standard Time (SAST). When I start my day at 9am in Eastern Time (the closest the US gets to SAST), the folks in Joburg and Cape Town are almost done with their day. Except… they’re not.
Though they have customers all over the world, a large chunk of them are in the US and a large chunk of those are in California. PST is an additional 3 hours West of me, so they have zero overlap with a normal 9–5 workday in South Africa. That means it has become fairly normal for part of the Thinkst team to work late. I was well aware of this — while one of my primary concerns was the distance between us, I knew that a big part of the attraction of hiring me was the fact that I wasn’t in South Africa.
Yes, in addition to my charming sense of humor and scruffy visage, I was in that sweet EST time zone. The same time as New York City — only 3 hours off from Silicon Valley, but still decently overlapped with South Africa and the United Kingdom. In addition to my time zone, there’s the fact that I can attend conferences for a tiny fraction of the cost and effort it takes the team in South Africa to get over to this continent.
This was a tough choice. So naturally, I asked my family for help. I built a “help me pick my new job” presentation and presented it to them.
Hmmm, looks like some visual bias occurred here? A coincidence, surely.

After some collective eye-rolling and deep sighs, my personal board of directors agreed to grant me five minutes of their attention. They came out of it Team Thinkst all the way (and surely, with new appreciation for my presentation skills).

My first week

As with most jobs these days, especially as a remote employee, the first thing you get access to is email and other corporate/backoffice systems. They also mentioned they’d be sending me some things. I was actually in Indianapolis for CircleCityCon with my kids when the packages started arriving. After a few days, my wife messaged me. “It’s looking like Christmas on your side of the table!”
Sure enough, I came home to:
  • Stickers
  • Business cards
  • A GoRuck GR1
  • A new MacBook Pro
  • A custom Canary Space Pen (I hear it may be possible for some of these to get into non-employee hands…)
  • A custom Thinkst Canary-themed WASD keyboard
  • 3 Canary t-shirts
  • 1 Canary hoodie
  • A free Audible subscription (SQUEE — big audiobook fan here!)
  • 5 Canaries
  • and a Partridge in a Pear Tree
This is a BEAST of a backpack. Pretty sure it can stop bullets.

My wife was right, it was like Christmas morning. What I was most excited about, however, wasn’t the cool swag or mechanical keyboard.

I had heard so much about these Canaries, I was ready to dig in and see what all the fuss was about. Obviously, it should be no problem for the Thinkst staff to set up a Canary in five minutes or less — they’ve been putting on Canary demos for years! A new employee with no previous experience with these devices was a perfect opportunity to see if the product matched the writing on the tin. Sure enough – in roughly 20 minutes, all five Canaries were up, configured and running.

Side note: I previously didn’t have a positive impression of DHL, but now, I’m seriously impressed with them. They not only regularly get stuff to me in 2–3 days from South Africa, they will pick up packages from my house, to deliver to South Africa in the same 2–3 days!


So much is said about company culture, but it often comes off as forced or is used as a facade. If there’s a Foosball table, you shouldn’t be judged a slacker for using it. Culture isn’t a ‘perk’ or tool that exists to balance out dysfunctional management and inefficient processes. A snapshot view of how Thinkst does things probably looks like the most hipster, trendy SF startup thing ever. When you get to know everyone and start working with them, you realize they come by all of it honestly.
Email — Sales and support use it to communicate with customers, but that’s it. I had to go check just to make sure what I’m saying is accurate, but I’m exactly at the one month mark and I have yet to receive a single internal email from anyone. As far as I can tell, there’s no employee handbook or rule that says we can’t use email to discuss things, we just use Slack for all that.
Slack — Thinkst is far from the only organization leaning heavily on Slack for internal communications, but I found it interesting how Thinkst organizes things there. There’s no #general and no #random, so I was a bit off-balance at first. Once I got used to the organization, it all made sense, including Thinkst’s flavor of ChatOps, which is very impressive. My favorite channel is #learning. I had been wondering how a staff of 15 manages and supports north of 600 customers. Good, efficient communication and smart use of Slack’s integration features.
Bi-weekly Tech Talks — I’ve been places that have talked about doing things like this and occasionally did them, but they’d often cancel them as ‘Tech Talks’ were a low priority item in management’s eyes that took up an inconvenient amount of time. At Thinkst, they always happen and they’re recorded, so anyone that misses one can go back and watch it. I find myself really looking forward to these at Thinkst and can’t wait to do my first one.
Meetings — For at least my last 4 jobs, I share a link to Jason Fried’s epic Ted talk, Why work doesn’t happen at work. I haven’t sent this video to anyone at Thinkst. Aside from customer demos, the Bi-weekly Tech Talks and the odd spontaneous chat, there aren’t any meetings. I think the devs do standups. Looking at others’ availability on the corporate calendar, I can confirm that I’m not just being shielded from meetings so the ‘new guy can settle in’. They generally don’t exist, because they’re largely unnecessary due to other positive aspects of the culture here.
Decisions can be made without meetings. Announcements can be made without meetings. Basically, anything other companies have meetings for, happens asynchronously in Slack, where it doesn’t disrupt anyone’s workflow. Coworkers and management often take hours to respond. There’s no ‘ego’ here creating a culture of fear that makes employees feel like there’s a race to respond.

Can a company be both laid back and super productive?

It sounds odd to say it this way, but Thinkst manages to give a laid-back, calm vibe. At the same time, everyone’s busy and you can see that. The way several of the Slack channels are used by support, customer success, R&D, there’s a visible ‘exhaust’ that somehow makes completed work visible and tangible.
A new feature was just rolled out. Cool, I remember seeing chatter about that last week after a customer suggested it! There’s an issue — support works it, finds the problem and fixes it. Someone else suggests documenting it in the knowledge base, since this has happened two times before. Documented. Done.
Work/Life Balance — In contrast to this visible productivity, several key employees (I suppose everyone’s key when there are only 15?) were on vacation when I joined, or soon after, with no negative impact I could see. I’ve been known to ‘forget’ to take vacation at other jobs, often leaving with dozens or even hundreds of unused hours accumulated. Here, I’ve already found myself thinking about when and where I want to use mine and looking forward to it.
Perhaps it’s just coincidence that two senior folks were on vacation right around the time I joined, but I found it refreshing and encouraging. I’ve been burned out several times in my career and was worried about joining an organization with an ‘embrace the grind’ attitude, bragging about how many nights and weekends they work.
Not that people here don’t ever work nights or weekends, but no one treats it as bragging rights or some badge of honor. Sometimes shit breaks in the night and you have to fix it. I can’t say I’ve seen any scrambling or overtime due to poor planning or management so far.

What Sucks?

#WaterCooler — I generally get busy quick when I join a company. I’m the kind of employee that can always find things to do and doesn’t require much direction. I do wish I could have had more time to talk to my co-workers and get to know them before diving in. When everyone else is twenty-one hours of travel away and six hours ahead, that’s just the reality.
The good news is that Black Hat is only a month away and I’ll get to meet a lot of the team there and spend more time with them.
Looking from the other perspective, this is my fifth job working out of my home office and I think I’d have a hard time adjusting back to cubicle life. For me, the benefits of working from home far outweigh the drawbacks.
#TooMuch? — I’ve read Trevor Noah’s book. I know who Elon Musk is. I enjoy Hugh Masekela’s music. That’s about the extent of my knowledge of South Africa. I tend to use humor to connect with people and that can be hard to do when there are large cultural differences. I use a lot of self-deprecating humor, which is always easy and convenient to reach for as the lone American in the company. I live in the South. In the bible belt. It is July 3rd as I write this and fireworks are going off. A lot of the stereotypes are true, especially here.
I’ve already posted pictures of pickup trucks with offensive slogans. Too soon?
But is it funny? Is it awkward? Do I sound like a cartoon? I’m not sure yet. I’ve often heard comics talk about how necessary it is to research cultures and shift their material for shows on an international tour. The difference between a laugh and a riot can be small in some places.
I just need more time to settle in, I suppose. All I can do is observe and hold back until I grok enough to not make an ass of myself. Hopefully, I haven’t already. Currently, I’m trying to convince everyone that it’s okay to make fun of me for being old. I feel like I’ve earned it by not dying yet.

What’s Next

I’m going to be doing a lot of advocacy and sales support at Thinkst. There are opportunities to do a ton of other stuff as well, which makes me happy. Soon, I’ll be digging into the API and looking for novel uses for CanaryTokens. Haroon and I are delivering the ending keynote for Virus Bulletin (London, early October). I’m already comfortable giving demos, so let me know if you’re interested. Probably a lot more blog posts. I’m a bit behind on my writing.
Just a few drafts…

Also, if you’re going to Black Hat or DEF CON, I’ll be at both. We will be at Booth #474 at Black Hat and you’ll likely find me at the Aviation, Medical Device or Biohacking villages at DEF CON.

Leave a Reply

Site Footer

Authored with 💚 by Thinkst