Introduction A counterintuitive truth is that great products are defined by both the features they include, as well as those they don’t. We spend a lot of time pondering potential new features for Thinkst Canary to make sure the added value exceeds the inevitable cognitive complexity that new features (or new UX elements) bring. This post will dive into a recent Labs research effort that we ended up leaving on the cutting room floor. Background We are always on the …
Tag: canary
TL;DR Our credit card Canarytokens are out of beta and flying to your consoles! We love these tokens because they provide a novel way to alert on a strong signal of badness. They also perfectly embody our concept of conspicuous deception. Conspicuous deception is our take that simply knowing that a credit card could be a Canarytoken adds risk to the process of stealing, selling, testing, and committing fraud on all cards. Now, fraudsters have to worry that testing or …
This week we are super excited to release the latest addition to our lineup of Thinkst Canary platforms: Tailscale. Background We’ve always made sure that deploying Canaries is absurdly quick and painless. It’s why you can add a hardware Canary to your network just by plugging it in and why most customers end up re-thinking their detection roadmaps: https://twitter.com/bigendiansmalls/status/970342360923033601 We adore Tailscale: They have a first-rate team and their product is also widely loved for being startlingly simple to deploy. …
Bad design is bad In 2015 Moxie Marlinspike pointed out that the manual page for GPG is (now) 50% of the novel Fahrenheit 451. Any software whose man page approaches 20 thousand words better have a good excuse, and GPG can only gesture vaguely at decades of questionable design. GPG gets a bad rap but it isn’t really much of an outlier. Security software has a long history of crumby, unintuitive interfaces and terrible design choices. A deep dive into …
What a question. In an industry frequently criticised for confusing security software with secure software, and where security software is ranked poorly against other software segments, it’s no surprise we periodically hear this question when talking to potential customers. We figured we’d write a quick blog post with our thoughts on it. We absolutely love the thought of this question coming up. Far too many people have been far too trusting of security products, which is how we end up …
(Guest post by Ollie Whitehouse) tl;dr Thinkst engaged NCC Group to perform a third party assessment of the security of their Canary appliance. The Canaries came out of the assessment well. When compared in a subjective manner to the vast majority of embedded devices and/or security products we have assessed and researched over the last 18 years they were very good. Who is NCC Group and who am I? Firstly, it is prudent to introduce myself and the company I …
You can watch it in action here: The videos were made with our early prototypes. The release birds are much much prettier! We think its insane that organizations that spent millions of dollars on cyber security took months (or years) to realize that they were breached. We think Canary fixes this elegantly and manages to do this at a super reasonable price-point. We have spent ages adding features, stripping features and making it a pleasure …