I have to give a shout out to @ThinkstCanary for being awesome. They not only have a great product but also great people behind it. ๐ฆ
You could buy a threat intel feed, or you could just buy a canary from canary.tools and know when youโbe been breached #CTIJam
just got a demo of @ThinkstCanary by @haroonmeer... HO-LEEE CRAP!!! what a beautifully designed, powerful product #honeypot #infosec
Big fan of this tech. High signal, low noise.
IMHO, Thinkst is the hottest little security company and technology youโve never heard of.
btw, @ThinkstCanary support is as awesome as their product. unfortunately i had to test it, and have been extremely impressed. and i sure sleep better at night with a bird on the wire.
overall awesome product, though. Highly useful, and covers huge blindspots with minimal effort. A++ would recommend
Glad to see @ThinkstCanary gaining traction. It's a simple but highly effective tool for network defenders.
Been chatting to @haroonmeer about @ThinkstCanary. This is super cool, honeypots made ridiculously easy: canary.tools
Even if you donโt have budget get over to canarytokens.org and use their amazing free service.
I had some broken @ThinkstCanary's after a power outage and they RMA'ed new ones from South Africa in under 4 days. Amazing support!
Setting up #honeypots will never be the same with #Canaries. Check out canary.tools by @haroonmeer. So cool..
Come for the product, stay for the customer service
The @ThinkstCanary device is a thing of beautiful uncomplicated simplicity. Thoroughly enjoying putting it through its paces
+100 on the fake AWS creds feature from the @ThinkstCanary team. Super useful insight as we showed at ReInvent.
Upgrading from @ThinkstCanary V1 to V2 is almost the easiest upgrade you will ever have to do.
Their on-prem canary is one of the only things that caught me right away in post-exploitation without my knowing I was burned. Solid concept and product.
Their security product is even better. The engineering thought process behind making them believable in an environment, the steps they've taken to keeping the boxes secure, and reporting is top notch.
I was wondering why my Canarytoken (a file folder) was triggering & discovered the culprit was chrome.exe. Turns out @googlechrome quietly began performing AV scans on Windows devices last fall. Wtf m8? This isnโt a system dir, either, itโs in \Documents\
The concept and use of canary tokens has made me very hesitant to use credentials gained during an engagement, versus finding alternative means to an end goal. If the aim is to increase the time taken for attackers, canary tokens work well.
Their product is not only beautiful in its simplicity/use - but they treat customers and do things as a business with the utmost integrity
very cool @ThinkstCanary . Nothing like that feeling when you see a new text coming in from your token :D
The folks at @ThinkstCanary do some great work. We've deployed their devices for various clients as it fulfills many needs in a way that is unmatched.
I <3 @ThinkstCanary Canary tokens.
I took a @ThinkstCanary canary for a test drive. Out of the box and setup in under 10 mins. Totally working and does what it says on the tin. Im officially a fanboi
Complete list of enterprise security products I recommend (evergreen edition): 1) @ThinkstCanary 2) @duosec 3) @Yubico
Out with the old @ThinkstCanary's and in with the new. If you have not deployed these on your network you are missing a great tool.
If you have networks, and you care about protecting them, go give @haroonmeer some coins for a bag of @ThinkstCanary. Theyโre ace.
+1. We โค๏ธ our Canaries.
1) Guy leaves token'd doc on WebServer (not in document root) 2) Token is hit from Russian IP Address Seriously use canarytokens.org
Canary is great.
Our customers are the best!
As a current customer I highly recommend the @ThinkstCanary. You wonโt initially think itโs doing much of anything until it does and uncovers a quagmire of a situation you didnโt know you had (speaking from experience here)
When you find out from your canaries that the scanning team are testing new scanners before your IPS O_o Thanks @ThinkstCanary
Just did quick and dirty Canary Token demo for a coworker. @haroonmeer the simplicity, flexibility, and power of this tool is inspiring.
"Our Canaries are made to look valuable, not vulnerable" ... that's what makes @ThinkstCanary very effective! we <3 canary.tools
Traps, tarpits, and honey tokens just plain work - now available for free at canarytokens.org
Set aside an hour to setup my new @ThinkstCanary ... not sure what I'm going to do with the other 55 minutes.
1. BeyondCorp: Not easy, or for everyone, but I love the idea. 2. Canaries canary.tools
Here's what other smart people say about @ThinkstCanary (140 character testimonials) canary.tools/love
Get canary.tools, it canโt protect against shitty security products but at least youโll know they failed
My most favourite blue team tip from my defending days 1. Use @ThinkstCanary to create an exe, rename it to ntdsutil.exe and put it in the same directory (C:\Windows\system32) 2. Often attackers will use this to backup ntds.dit 3. Wait for the canary to chirp and then ๐
Great products that work, easy and quick to install and provide real value.
You know who cares about securing their customers? Companies who make their product easy to use, and affordable. This is why @duosec was valued in the Billions. This is why people love @ThinkstCanary.
Iโve seen it and use it, itโs fantastic. The canary, though, as a drop in hardware device for corp/other networks is pretty fantastic, one of the best/easiest configurationsIโve ever seen.
Itโs tough to beat Authentic feedback. Even during PoCโs, Canaries wreck Intruders.
Enterprise security products that are awesome and you should try: 1) @Cloudflare 2) @Dome9 3) @duo_labs 4) @ThinkstCanary 5) @Yubico
@haroonmeer and all the folks at @ThinkstCanary are magnificent. A great product, enhanced by superior dedication to customer satisfaction!
Love @ThinkstCanary tokens! Once again their use was proven!
@haroonmeer and the folks at @ThinkstCanary never cease to amaze me with their absolute client centricity. It can not be clearer that their priority is making a great product and building a sustainable relationship with their clients. Bravo!
Awesome product and customer service to match! Thanks :)
You may be wondering "does @ThinkstCanary actually work?" Yes. Yes it does. #NoContext
So excited to see how this bird works. cc: @ThinkstCanary @haroonmeer
The only thing more awesome than our Canaries: Our Customers ๐
But probably what you actually want is @ThinkstCanary
How many other "security products" are positively evaluated when anyone with a clue looks at them?
If you don't have canary seriously check it out canary.tools @ThinkstCanary #infosec #DFIR
Donโt think, just get them ;). I was a former customer (changed roles). What will you get from them? The best support, easy interface, great price and the most accurate alert in your environment. #canarylove
Canary is one of the most useful tools ever
The devices are great to use to ensure that firewalls/vlan isolation is configured properly. That alone has paid for the deployment.
canary.tools <-- This I like! Low friction honeypot devices.
It was great to finally meet @haroonmeer :) Dude, people only say good things about @ThinkstCanary. Congrats!
Yes. In the DC Cisco Tetration would flag unusual traffic, in the wider estate @ThinkstCanary FTW
Just realized the magic of canarytokens.org. Splendid work. Thanks for the info mate
It has to be said that @duosec, @ThinkstCanary and @XipiterSec are all proof that hackers *can* actually build excellent defensive tech.
PS this is now yet another reason I ๐ค @ThinkstCanary โ their canaries are certified to be mansplaining-free
This why I've been following @ThinkstCanary closely for a while and highly recommend them. Amazing product, developed by some of the most seasoned pros in the industry. Oh, theyโre pretty cool guys too. ;)
I am often encouraged by the work that @haroonmeer and the folks at @ThinkstCanary are doing. Haroon and team have really proven out the fact that simple, elegant security solutions can scale without VC; it's inspiring!
I agree with this. @ThinkstCanary provide great products as well as great customer service to go along with them. Well done!
The two spends Iโd do to increase resilience for less than one blinkenlights magic bullet cybersecurity solution? - @duosec 2FA all the things - @ThinkstCanary gain visibility on when you get penetrated Lots more Iโd do w/ Canary Tokens, but thatโs custom work g@comae.io ๐
less than 1hr into our internal pentest last week and the @ThinkstCanary were shouting at them. Love it.... #justworks @ronnieapteker @haroonmeer
Amazing solution and service. Love @ThinkstCanary
Top customer service from @haroonmeer and @ThinkstCanary ! Awesome stuff
as a customer (my goodness, almost two years now) of Thinkst, I can't point to a single interaction where folks weren't awesome.
I don't know if I've said this publicly before, but @ThinkstCanary has always been the company that I've drawn the most inspiration from for @GreyNoiseIO WRT client-centricity and pragmatism, and @haroonmeer has always been one of the founders I've aspired to emulate the most.
If you asked me to name three classes of (defensive) security tech that actually, definitely work I would say canaries, 2fa and then pause for a really long time
