Thinkst Canary now integrates with Google Security Operations SOAR, giving security teams a straightforward way to work high-confidence Canary alerts in the environment they are already used to. Canary incidents can be ingested into Google SecOps SOAR as cases, where analysts can review alert and event context (and acknowledge incidents when the work is done). …
Year: 2026
Why is the RSAC floor so dominated by promises that can’t be kept? Because incentives.. …
Rad discusses the vulnerabilities of security software, particularly the appeal of API credentials to adversaries. It introduces a new Canarytoken, specifically a CrowdStrike API Key, designed to detect unauthorized access early. Users can generate these keys easily and deploy them in strategic locations, enabling high-fidelity alerts when exploited by attackers. …
Last week we concluded the deal to acquire 100% of UK-based DeceptIQ. We welcome them to the flock. DeceptIQ is built by red-teamers with a deep desire to turn the tables on attackers. In our ten years of doing Canary, we’ve never seen such a strong natural alignment. We are super excited to write future chapters (to help defenders win) together. …