Complete list of enterprise security products I recommend (evergreen edition): 1) @ThinkstCanary 2) @duosec 3) @Yubico

Awesome product and customer service to match! Thanks :)

I have to give a shout out to @ThinkstCanary for being awesome. They not only have a great product but also great people behind it. 🦅

Out with the old @ThinkstCanary's and in with the new. If you have not deployed these on your network you are missing a great tool.

You may be wondering "does @ThinkstCanary actually work?" Yes. Yes it does. #NoContext

You could buy a threat intel feed, or you could just buy a canary from canary.tools and know when you’be been breached #CTIJam

If you have networks, and you care about protecting them, go give @haroonmeer some coins for a bag of @ThinkstCanary. They’re ace.

So excited to see how this bird works. cc: @ThinkstCanary @haroonmeer

just got a demo of @ThinkstCanary by @haroonmeer... HO-LEEE CRAP!!! what a beautifully designed, powerful product #honeypot #infosec

+1. We ❤️ our Canaries.

The only thing more awesome than our Canaries: Our Customers 💕

Big fan of this tech. High signal, low noise.

1) Guy leaves token'd doc on WebServer (not in document root) 2) Token is hit from Russian IP Address Seriously use canarytokens.org

But probably what you actually want is @ThinkstCanary

IMHO, Thinkst is the hottest little security company and technology you’ve never heard of.

Canary is great.

How many other "security products" are positively evaluated when anyone with a clue looks at them?

btw, @ThinkstCanary support is as awesome as their product. unfortunately i had to test it, and have been extremely impressed. and i sure sleep better at night with a bird on the wire.

Our customers are the best!

If you don't have canary seriously check it out canary.tools @ThinkstCanary #infosec #DFIR

overall awesome product, though. Highly useful, and covers huge blindspots with minimal effort. A++ would recommend

As a current customer I highly recommend the @ThinkstCanary. You won’t initially think it’s doing much of anything until it does and uncovers a quagmire of a situation you didn’t know you had (speaking from experience here)

Don’t think, just get them ;). I was a former customer (changed roles). What will you get from them? The best support, easy interface, great price and the most accurate alert in your environment. #canarylove

Glad to see @ThinkstCanary gaining traction. It's a simple but highly effective tool for network defenders.

When you find out from your canaries that the scanning team are testing new scanners before your IPS O_o Thanks @ThinkstCanary

Canary is one of the most useful tools ever

Been chatting to @haroonmeer about @ThinkstCanary. This is super cool, honeypots made ridiculously easy: canary.tools

Just did quick and dirty Canary Token demo for a coworker. @haroonmeer the simplicity, flexibility, and power of this tool is inspiring.

The devices are great to use to ensure that firewalls/vlan isolation is configured properly. That alone has paid for the deployment.

Even if you don’t have budget get over to canarytokens.org and use their amazing free service.

"Our Canaries are made to look valuable, not vulnerable" ... that's what makes @ThinkstCanary very effective! we <3 canary.tools

canary.tools <-- This I like! Low friction honeypot devices.

I had some broken @ThinkstCanary's after a power outage and they RMA'ed new ones from South Africa in under 4 days. Amazing support!

Traps, tarpits, and honey tokens just plain work - now available for free at canarytokens.org

It was great to finally meet @haroonmeer :) Dude, people only say good things about @ThinkstCanary. Congrats!

Setting up #honeypots will never be the same with #Canaries. Check out canary.tools by @haroonmeer. So cool..

Set aside an hour to setup my new @ThinkstCanary ... not sure what I'm going to do with the other 55 minutes.

Yes. In the DC Cisco Tetration would flag unusual traffic, in the wider estate @ThinkstCanary FTW

Come for the product, stay for the customer service

1. BeyondCorp: Not easy, or for everyone, but I love the idea. 2. Canaries canary.tools

Just realized the magic of canarytokens.org. Splendid work. Thanks for the info mate

The @ThinkstCanary device is a thing of beautiful uncomplicated simplicity. Thoroughly enjoying putting it through its paces

Here's what other smart people say about @ThinkstCanary (140 character testimonials) canary.tools/love

It has to be said that @duosec, @ThinkstCanary and @XipiterSec are all proof that hackers *can* actually build excellent defensive tech.

Get canary.tools, it can’t protect against shitty security products but at least you’ll know they failed

+100 on the fake AWS creds feature from the @ThinkstCanary team. Super useful insight as we showed at ReInvent.

PS this is now yet another reason I 🖤 @ThinkstCanary — their canaries are certified to be mansplaining-free

Upgrading from @ThinkstCanary V1 to V2 is almost the easiest upgrade you will ever have to do.

My most favourite blue team tip from my defending days 1. Use @ThinkstCanary to create an exe, rename it to ntdsutil.exe and put it in the same directory (C:\Windows\system32) 2. Often attackers will use this to backup ntds.dit 3. Wait for the canary to chirp and then 😎

This why I've been following @ThinkstCanary closely for a while and highly recommend them. Amazing product, developed by some of the most seasoned pros in the industry. Oh, they’re pretty cool guys too. ;)

Their on-prem canary is one of the only things that caught me right away in post-exploitation without my knowing I was burned. Solid concept and product.

Great products that work, easy and quick to install and provide real value.

I am often encouraged by the work that @haroonmeer and the folks at @ThinkstCanary are doing. Haroon and team have really proven out the fact that simple, elegant security solutions can scale without VC; it's inspiring!

Their security product is even better. The engineering thought process behind making them believable in an environment, the steps they've taken to keeping the boxes secure, and reporting is top notch.

You know who cares about securing their customers? Companies who make their product easy to use, and affordable. This is why @duosec was valued in the Billions. This is why people love @ThinkstCanary.

I agree with this. @ThinkstCanary provide great products as well as great customer service to go along with them. Well done!

I was wondering why my Canarytoken (a file folder) was triggering & discovered the culprit was chrome.exe. Turns out @googlechrome quietly began performing AV scans on Windows devices last fall. Wtf m8? This isn’t a system dir, either, it’s in \Documents\

I’ve seen it and use it, it’s fantastic. The canary, though, as a drop in hardware device for corp/other networks is pretty fantastic, one of the best/easiest configurationsI’ve ever seen.

The two spends I’d do to increase resilience for less than one blinkenlights magic bullet cybersecurity solution? - @duosec 2FA all the things - @ThinkstCanary gain visibility on when you get penetrated Lots more I’d do w/ Canary Tokens, but that’s custom work g@comae.io 😄

The concept and use of canary tokens has made me very hesitant to use credentials gained during an engagement, versus finding alternative means to an end goal. If the aim is to increase the time taken for attackers, canary tokens work well.

It’s tough to beat Authentic feedback. Even during PoC’s, Canaries wreck Intruders.

less than 1hr into our internal pentest last week and the @ThinkstCanary were shouting at them. Love it.... #justworks @ronnieapteker @haroonmeer

Their product is not only beautiful in its simplicity/use - but they treat customers and do things as a business with the utmost integrity

Enterprise security products that are awesome and you should try: 1) @Cloudflare 2) @Dome9 3) @duo_labs 4) @ThinkstCanary 5) @Yubico

Amazing solution and service. Love @ThinkstCanary

very cool @ThinkstCanary . Nothing like that feeling when you see a new text coming in from your token :D

@haroonmeer and all the folks at @ThinkstCanary are magnificent. A great product, enhanced by superior dedication to customer satisfaction!

Top customer service from @haroonmeer and @ThinkstCanary ! Awesome stuff

The folks at @ThinkstCanary do some great work. We've deployed their devices for various clients as it fulfills many needs in a way that is unmatched.

Love @ThinkstCanary tokens! Once again their use was proven!

as a customer (my goodness, almost two years now) of Thinkst, I can't point to a single interaction where folks weren't awesome.

I <3 @ThinkstCanary Canary tokens.

@haroonmeer and the folks at @ThinkstCanary never cease to amaze me with their absolute client centricity. It can not be clearer that their priority is making a great product and building a sustainable relationship with their clients. Bravo!

I don't know if I've said this publicly before, but @ThinkstCanary has always been the company that I've drawn the most inspiration from for @GreyNoiseIO WRT client-centricity and pragmatism, and @haroonmeer has always been one of the founders I've aspired to emulate the most.

I took a @ThinkstCanary canary for a test drive. Out of the box and setup in under 10 mins. Totally working and does what it says on the tin. Im officially a fanboi

One of the products that just keeps getting better - @ThinkstCanary adds WinRM/PowerShell Remoting services to their canaries 🍯 @Recon_InfoSec we deploy these for all of our MDR customers as it’s such a valuable detection tool. https://t.co/Egi6nj9HhX

Renewals don't have to be a grudge purchase: "I'm trying to get a quote for some additional birds" "I've been working in infosec for 20 years and your product is still up there in my top 5 favourite controls!" ✊💚

@cybersecmeg @ThinkstCanary: best bang for your buck!

As a defender deception technology is one of the most powerful tools you can have. Honeypots and honeytokens can be daunting to try to configure, but they don't need to be. You can get there in a few clicks with @ThinkstCanary and #MicrosoftSentinel -

"You made a pentester very VERY sad and we appreciate it very very much hahaha." Thinkst Canary - Making attackers sad on all 7 continents...

@UK_Daniel_Card @ThinkstCanary @ThinkstCanary does indeed rock - brilliant tech, brilliant concepts and brilliant people - fantastic customer service yeah so straightforward to connect into monitoring - MS Sentinal logicapp and done in an hour (including thinking about tea making the tea and drinking the tea)

Had a @ThinkstCanary go off at a client today — true positive, but not malicious, the fourth or fifth alert we've had across six-odd clients, many birds, and several years. I wish all my security tooling was as accurately quiet.

I’m not particularly biased at all; they’re not a current sponsor to the best of my knowledge. @ThinkstCanary operationalizes a pattern I fell in love with a decade ago. Heartily endorse.

The one vendor that truly exceeded my expectations. Every now and then I’m caught off guard by my own canaries.

You probably wont ever need @ThinkstCanary technical support. But if you did, rest assured that they offer the best support in the business.

I ❤️ @ThinkstCanary

@g33kgir11 @haroonmeer @ThinkstCanary let me just say it's the only time I remember grinning from ear to ear while going through the configuration options of a security tool

Customers that DM, just “to spread some love” 🥰✊️💚

Forcing an adversary to question the legitimacy of a target can be the difference between detecting nefarious activity and preventing a catastrophic breach or not knowing anything before it’s too late. @ThinkstCanary products work and that’s really special.

Sep 7, 00h09: “I ran into a canary at a new customer!” “some of your gear in the wild caught me during a gig!" Respect! ✊️💚

The team @ThinkstCanary are genuinely awesome, I put in a cheeky little feature request yesterday & TODAY it’s live in my console!! Outstanding customer customer support!

People talk about “leaving money on the table” like it’s always a bad thing. Mails like this are pretty priceless… (Cc: @ThinkstCanary)

@haroonmeer I'm getting the POs sent over from the seventh and eighth companies I've had install them this week.

@bigendiansmalls @ThinkstCanary They are fantastic, actually caught a red teamer this time

People sometimes ask me why I don’t miss a chance to endorse these guys. This is why.

I put @material_sec in the same category as great, true security vendors like @Bugcrowd, @duosec, @ThinkstCanary, and @1Password. They all live up to what they sell, stay focused on solving *real* security problems, over delivery, and provide remarkable support.

@pwnallthethings @thegrugq I’d concentrate on integrating attack surface mapping (such as @hdmoore’s rumble network discovery) and early detection (e.g. @ThinkstCanary) tools in my governance model. And keep the remaining $299m for the trouble.

@ThinkstCanary Your product is awesome. I'd certainly advertise that I use it in order to discourage attackers!!

Use @ThinkstCanary

'This is our annual pen-testing audit... The birds were able to pick up the “intruder” on at least 6 occasions from what I saw.' 'they were identified within 20 minutes' Make your intruders work for it...

If you have vendors, you have supply chain issues... Last I checked, unless you are REALLY into running Gentoo or making your own hardware (*cough* Google *cough*) - even THEN you're still not "safe" - your BEST bet is using those canaries to hopefully tip you off early enough

@jeremiahg True positive detection is why I like @ThinkstCanary so much. And other related approaches to detecting compromise that utilise attackers taking positive steps to further their access or exploit their access. That’s where I think there is a viable future against attackers

Deploying security canary devices/beacons is essential in any environment. You can detect movement from malicious activities, including insiders. Thinkst Canary is an awesome product by an awesome team, too!

@imelven @ThinkstCanary I’ve been developing, deploying amd working with honeypots for 20+ years (https://t.co/elRsY5jdNm). This is the first commercial product that has made them a simple security line item that proves a return.

So I recently had the chance to play around with @ThinkstCanary tools. And yes - they are just as awesome as random #infosec people on Twitter want to make you believe 🚀♥️

"The first time (if the red team doesn't know) they'll get caught and then what will happen is the next time around, red-team will second guess every little thing they do & it will slow them down" "Put them anywhere. Put them everywhere" @malcomvetter on Canaries/Canarytokens

@haroonmeer and the folks at @ThinkstCanary never cease to amaze me with their absolute client centricity. It can not be clearer that their priority is making a great product and building a sustainable relationship with their clients. Bravo!

If you asked me to name three classes of (defensive) security tech that actually, definitely work I would say canaries, 2fa and then pause for a really long time

The folks at @ThinkstCanary do some great work. We've deployed their devices for various clients as it fulfills many needs in a way that is unmatched.

Infosec products: - don’t have to be grudge-purchases; - don’t have to look like they were written for Windows 3.1; - don’t have to be crazy expensive; - can absolutely be built with ❤️

@ThinkstCanary Your canaries tipped me off about so much weird shit happening in an environment that I was monitoring a few years ago 💙

@haroonmeer and all the folks at @ThinkstCanary are magnificent. A great product, enhanced by superior dedication to customer satisfaction!

Apropos to my last tweet, there is an alternative to crappy security products:

@ucsenoi @jeremiahg @ThinkstCanary Yeah it’s the only thing that’s impressed me for people whose job isn’t “Run honeypots.” I was hugely into honeypots years ago and it’s an expensive hobby time-wise.

QConSF talk is finally up! Lend me your eyes and ears, as I talk about how canaries and intrusion detection fit into automated deployments, and infrastructure at scale. #birdlyfe