Thinkst Blog

In our previous post ( Are Canaries Secure? ) we showed (some of) the steps we’ve taken to harden Canary and limit the blast radius from a potential Canary compromise. Colloquially, that post aimed to answer the question: “are Canaries Secure?” This post aims at another question that pops up periodically: “If I run your Canaries on my network, can you use them to hack me?” This answer is a little more complicated than the first, as there is some nuance. (Because my brutally honest answer is: “yeah… probably”.) But this isn’t because Canary gives us special access, it’s true because most of your other vendors can too.If you run software  with an auto update facility (and face it, it’s the gold standard for updates these days), then the main thing stopping that vendor from using that software to gain a foothold on your network is a combination of that vendor's imagination, ethics, or discomfort with the size of jail cells. It may not be a comfortable fact, but fact remains true with ...

What a question. In an industry frequently criticised for confusing security software with secure software , and where security software is ranked poorly against other software segments , it's no surprise we periodically hear this question when talking to potential customers. We figured we'd write a quick blog post with our thoughts on it. We absolutely love the thought of this question coming up. Far too many people have been far too trusting of security products, which is how we end up with products so insecure that FX said you'd be " better off defending your networks with Microsoft Word ". In fact, it's one of the things we actively pushed for in our 2019 talk on " the Products we Deserve ": ( The Products we deserve ) So, how do we think about security when building Canary? Most of our founding team have a long history in offense and we've worked really hard to avoid building the devices we've taken advantage of for years. From base arc...