Conversations with the hackers, leaders, and innovators of the software world. Hosts Adam Stacoviak and Jerod Santo face their imposter syndrome so you don’t have to. Expect in-depth interviews with the best and brightest in software engineering, open source, and leadership. This is a polyglot podcast. All programming languages, platforms, and communities are welcome. Open source moves fast. Keep up.
Attack of the Canaries!
This week we’re joined by Haroon Meer from Thinkst — the makers of Canary and Canary Tokens. Haroon walks us through a network getting compromised, what it takes to deploy a Canary on your network, how they maintain low false-positive numbers, their thoughts and principles on building their business (major wisdom shared!), and how a Canary helps surface network attacks in real time.
Changelog++ members get a bonus 4 minutes at the end of this episode and zero ads. Join today!
Sponsors:
- Statsig – Build faster with confidence. Startups to Fortune 500s rely on Statsig to make data-driven decisions. Ship smarter and faster with the unified platform for feature flags, experimentation, and analytics. Our listeners get free white-glove onboarding, migration support, and 5 million free events per month.
- Sentry – Watch Lazar Nikolov livestream on YouTube at youtube.com/@nikolovlazar. Use the code
CHANGELOG
and get the team plan FREE for three (3) months. - Changelog News – A podcast+newsletter combo that’s brief, entertaining & always on-point. Subscribe today.
- Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com
Featuring:
- Haroon Meer – Twitter, LinkedIn, Website
- Adam Stacoviak – Mastodon, Twitter, GitHub, LinkedIn, Website
- Jerod Santo – Mastodon, Twitter, GitHub, LinkedIn
Show Notes:
Something missing or broken? PRs welcome!
Timestamps:
(00:00) - This week on The Changelog
(01:00) - Sponsor: Statsig
(04:28) - Start the show!
(05:32) - Canary tokens
(10:03) - The footprint of a Canary
(14:23) - The Homelab lens
(16:43) - Fingerprinting a Canary
(18:45) - Masquerading as many things
(24:02) - Ratio of Canaries to real hardware?
(28:47) - Sponsor: Sentry
(32:26) - False positives
(34:11) - How are attackers getting in?
(39:10) - How do you masquerade well?
(41:45) - Bootstrapping Thinkst and Canary
(53:31) - Adding too many things
(59:35) - Just be kind
(1:03:21) - Regarding dead Canaries
(1:05:53) - How Canaries get deployed
(1:12:00) - Sponsor: Changelog News
(1:13:44) - Do you care about hardware?
(1:20:06) - Adam's attack!!
(1:25:10) - Where else can/will you go?
(1:29:04) - Thoughts on the VC model
(1:40:51) - Save it for ++
(1:41:40) - Up next!