We’ve written before about the effort we put into UX choices in our app. We don’t consider problems solved just because we kicked out a feature in its general vicinity and we are super strong believers in “small things done well” This came to the fore again recently when we included a “seasonal theme” into customer Consoles and I figured it was worth a brief post to examine our thinking around (even) short-term UX. In our early days we’d give …
Author: haroon meer
I recently discovered “Hot Ones” on YouTube. If you haven’t seen any of the episodes, you should (because they really are fantastic). This isn’t really a controversial opinion: their YouTube channel has 12 million subscribers and almost 2,6 billion views. The show has a few lessons that I think are worth noticing/stealing. I’ll discuss 3 of them here (even if they are kinda random). 1) Genuine Warmth One would expect the show to lean on a kinda gotcha-slapstick routine: we all laugh …
We discussed this Scott Forstall clip internally and figured it was worth sharing since theres so much going on in just 5 minutes. Bradley commented on how familiar it felt to how we roll and it’s worth digging in to this little more. Quick Background In 2007 Apple was not yet a trillion dollar company, but its star was definitely on the rise. Jobs was back, OSX was taking root and the iPod was game changer. (Their market cap was …
This year Thinkst Canary crossed the line to $11M in ARR. That number is reasonably significant in the startup world, where Lemkin refers to it as “initial scale”. For us; it’s a happy reminder of Canary’s spread into the market. $11M ARR certainly isn’t our end goal, but it provides the fuel for us to keep building the company we want to work at. We got here without raising a dime in capital, shipping a hardware/SaaS hybrid, sitting way outside …
The recent SolarWinds incident has managed to grab headlines outside of our security ecosystem. The many (many) headlines and columns inches dedicated to the event are testament to the security worries that continue to reverberate around the globe. But we think that most of these articles have buried the lede. Most discussions take the position that our enterprises are horribly exposed because of supply chain issues and that any network running SolarWinds should consider themselves compromised. We think it’s actually …
One of the big disconnects in infosec lies between people who build infosec products and people who end up using them on the ground. On the one hand, this manifests as misplaced effort: features that are used once in a product-lifetime get tons of developer-effort, while tiny pieces of friction that will chaff the user daily are ignored as insignificant. On the other, this leaves a swath of problems that are considered “solved” that really aren’t. The first problem is …
This month we’re ready to release our first major Canary Console overhaul. We’ve obviously pushed updates to Canary and the Console weekly for almost 5 years but this is the first time we’ve dramatically reworked the Console. Contrary to a bunch of other products, we don’t want to be your single pane of glass, and work really hard to make sure that most customers never have to spend time in their Console at all. But our beefed up Console offers …
A decade ago, Steve Jobs sat down at the D8 conference for an interview with Kara Swisher and Walt Mossberg. What followed was a masterclass in both company and product management. The whole interview is worth watching, but I thought there were a few segments that stood out. Caveat: Any time someone talks about a tech-titan, there’s reflexive blowback from parts of the tech community: “He wasn’t really an engineer”, “He wasn’t really…” – This post will ignore all of that. …
aka: Small things done well We spend a lot of time sweating the details when we build Canary. From our user flows to our dialogues, we try hard to make sure that there’s very few opportunities for users to be stuck or confused. We also never add features just because they sound cool. Do you “explode malware”? No. Export to STYX? No. Darknet AI IOCs? No. No. No.. Vendors add rafts of “check-list-development” features as a crutch. They hope that …
Introduction This is part 2 in a series of posts on our 2015 BlackHat talk, and covers our Canarytokens work. You’ll be familiar with web bugs, the transparent images which track when someone opens an email. They work by embedding a unique URL in a page’s image tag, and monitoring incoming GET requests. Imagine doing that, but for file reads, database queries, process executions, patterns in log files, Bitcoin transactions or even Linkedin Profile views. Canarytokens does all this and …