Risky Biz Soap Box: Thinkst Canary's Decade of Deception
Risky Business Podcast
Host: Patrick Gray
Guest: Haroon Meer, Founder of Thinkst Canary
Release Date: October 28, 2024
Introduction
In this special Soap Box edition of the Risky Business podcast, host Patrick Gray talks at length with Haroon Meer, the founder of Thinkst Canary. Marking a decade of work in deception technology, the discussion covers the origins, growth, and sustained dominance of Thinkst Canary in the information security landscape.
Thinkst Canary’s Decade of Deception
Origins and Mission
Haroon Meer opens the discussion by outlining the foundational vision of Thinkst Canary. The company's primary objective was to simplify the deployment and effectiveness of honeypots, transforming them from niche tools into essential security assets.
Haroon Meer [01:31]: "We make a honeypot... if we could make them simple enough for people to use, people would use them."
Simplicity and Ease of Deployment
A core principle for Thinkst Canary has been ensuring that their products are quick and painless to deploy, without introducing additional risks to existing networks. This focus on user experience has been pivotal in their widespread adoption.
Haroon Meer [01:31]: "Customers should be able to buy a canary honeypot, deploy it in under two minutes, and have it be useful on their network."
Internal vs. External Honeypots
Patrick Gray highlights a significant innovation: positioning honeypots internally within networks rather than exposing them externally. This strategic placement ensures higher quality signals by detecting attackers who have already infiltrated the network.
Patrick Gray [03:13]: "Your big, you know, big brain idea was, hey, why don't we put them on the inside and we can catch people who already have a presence on the network."
Haroon Meer [03:36]: "Honeypots on the internal network really shouldn't be touched. Our thing was to take these honeypots, make them really trivial to deploy."
Thinkst Canary’s Market Dominance
Simplicity vs. Complexity in the Market
Haroon attributes Thinkst Canary's unique position in the market to their unwavering commitment to simplicity. While competitors often pursue complex, high-margin solutions to attract venture capital, Thinkst Canary focuses on creating reliable, easy-to-use products.
Haroon Meer [08:17]: "Canary should function like a brick... simple but works is underestimated."
Patrick Gray [10:25]: "I remember once, in your early days, seeing some of these competitors... that's not really what you need to do here."
Market Size and Availability
Contrary to initial assumptions about a limited market, Haroon reveals that the demand for canaries spans a diverse range of organizations, from small law firms to Fortune 100 companies. This broad applicability underscores the practicality and necessity of their solutions.
Haroon Meer [12:40]: "I can make an honest case for every org in the world to have five canaries. There are some who should be bigger, but for seven and a half K, people should just put them down."
Innovation and Canary Tokens
Thinkst Canary has expanded its offerings with Canary Tokens—versatile honey tokens available for free at canarytokens.org. These tokens complement the hardware canaries, providing additional layers of defense and high-quality alerts.
Haroon Meer [07:12]: "Canary tokens feature... some of it... we give it away free so our customers get it."
Microsoft's Embrace of Honey Tokens
A significant highlight of the conversation is Microsoft's integration of deception technologies. Haroon discusses how Microsoft employs honey tokens to disrupt phishing operations, aligning closely with Thinkst Canary's philosophy.
Patrick Gray [16:51]: "I saw a headline... could you give us a bit more detail on what exactly Microsoft are doing with honey tokens?"
Haroon Meer [20:28]: "Every Microsoft document on their deception stuff exactly sings the song of our people... Why wouldn't you be using it in your org?"
Hardware vs. Cloud Deployment
While Thinkst initially focused on hardware canaries for ease of deployment, the company has successfully expanded into cloud environments, ensuring compatibility with platforms like Azure, AWS, and GCP. Despite cloud's growing prominence, hardware canaries continue to play a crucial role.
Haroon Meer [21:09]: "The hardware stuff still works surprisingly well."
Patrick Gray [22:18]: "Cloud wasn't as ubiquitous 10 years ago, but now it is."
Future Vision and Growth
Looking ahead, Haroon envisions Thinkst Canary achieving global penetration, metaphorically placing a canary on every network. This ambitious goal is supported by ongoing product refinements and strategic partnerships with Managed Security Service Providers (MSSPs).
Haroon Meer [15:20]: "Our plan for world domination is a Canary on every network."
Haroon Meer [27:14]: "Our dream is to keep inventing new ways to detect it, keep rolling out canaries so that we can put this canary on every desktop."
The Power of Conference Booths
Haroon passionately advocates for the effective use of conference booths as a means to engage directly with customers. Unlike many vendors who fall into the trap of superficial marketing gimmicks, Thinkst Canary leverages conferences to conduct meaningful demonstrations and foster genuine conversations.
Haroon Meer [29:44]: "Conference booths are a great way to meet our customers... existing customers come by and say nice things within earshot of new potential customers."
Patrick Gray [32:43]: "You need to staff your booths with real people who have agency within the company."
Conclusion
Haroon Meer's dedication to simplicity, reliability, and genuine customer engagement has cemented Thinkst Canary's position as a leader in deception technology. As the company celebrates a decade of success, its vision for the future remains focused on innovation and expanding its reach to ensure robust security across all networks.
Haroon Meer [28:52]: "We'll keep doing what we do, which is making it better and better and inventing new ways to make defenders win."
