ThinkstCanary
@thinkstcanary.canary.tools
Every year, we try to give our customers a small gift from Thinkst Canary.
Previously we did the Canary Swiss Army Knives¹.
This year, it's the awesome Mako kit from iFixit
All told, we've shipped just under a ton of them 🤯
__
¹ x.com/ThinkstCanar...
Previously we did the Canary Swiss Army Knives¹.
This year, it's the awesome Mako kit from iFixit
All told, we've shipped just under a ton of them 🤯
__
¹ x.com/ThinkstCanar...
November 5, 2025 at 11:52 AM
Every year, we try to give our customers a small gift from Thinkst Canary.
Previously we did the Canary Swiss Army Knives¹.
This year, it's the awesome Mako kit from iFixit
All told, we've shipped just under a ton of them 🤯
__
¹ x.com/ThinkstCanar...
Previously we did the Canary Swiss Army Knives¹.
This year, it's the awesome Mako kit from iFixit
All told, we've shipped just under a ton of them 🤯
__
¹ x.com/ThinkstCanar...
This quarter we announced two new platforms for Canary: Oracle Cloud Infra. (OCI) & Nutanix.
Our v1 was a hardware device, but today, Canary also runs on
- GCP,
- AWS,
- VMware,
- Azure,
- Docker,
- Tailscale,
- OCI,
- Nutanix.
Still dead simple. Still "just works!"
Our v1 was a hardware device, but today, Canary also runs on
- GCP,
- AWS,
- VMware,
- Azure,
- Docker,
- Tailscale,
- OCI,
- Nutanix.
Still dead simple. Still "just works!"
October 30, 2025 at 12:44 PM
This quarter we announced two new platforms for Canary: Oracle Cloud Infra. (OCI) & Nutanix.
Our v1 was a hardware device, but today, Canary also runs on
- GCP,
- AWS,
- VMware,
- Azure,
- Docker,
- Tailscale,
- OCI,
- Nutanix.
Still dead simple. Still "just works!"
Our v1 was a hardware device, but today, Canary also runs on
- GCP,
- AWS,
- VMware,
- Azure,
- Docker,
- Tailscale,
- OCI,
- Nutanix.
Still dead simple. Still "just works!"
US-EAST-1 (AWS) is currently "degraded".
This affects the following Canary services directly:
- Creating AWS Canarytokens (both free and commercial) ;
- Launching new Tailscale Canaries.
Sorry!
We will send a message when service returns to normal.
This affects the following Canary services directly:
- Creating AWS Canarytokens (both free and commercial) ;
- Launching new Tailscale Canaries.
Sorry!
We will send a message when service returns to normal.
October 20, 2025 at 9:21 AM
US-EAST-1 (AWS) is currently "degraded".
This affects the following Canary services directly:
- Creating AWS Canarytokens (both free and commercial) ;
- Launching new Tailscale Canaries.
Sorry!
We will send a message when service returns to normal.
This affects the following Canary services directly:
- Creating AWS Canarytokens (both free and commercial) ;
- Launching new Tailscale Canaries.
Sorry!
We will send a message when service returns to normal.
Leighton & Sharukh just snuck a quick update into canarytokens.org to allow you to easily manage all the tokens you've previously created.
Still just $0.00
Still one of the best things you can do to detect attackers before they dig in...
Still just $0.00
Still one of the best things you can do to detect attackers before they dig in...
September 24, 2025 at 5:28 PM
Leighton & Sharukh just snuck a quick update into canarytokens.org to allow you to easily manage all the tokens you've previously created.
Still just $0.00
Still one of the best things you can do to detect attackers before they dig in...
Still just $0.00
Still one of the best things you can do to detect attackers before they dig in...
Reposted by ThinkstCanary
Thanks @thinkstcanary.canary.tools for making this awesome platform! 🙌
If you still haven't read my blog post, here it is: grafana.com/blog/2025/08...
If you still haven't read my blog post, here it is: grafana.com/blog/2025/08...
September 23, 2025 at 9:03 AM
Thanks @thinkstcanary.canary.tools for making this awesome platform! 🙌
If you still haven't read my blog post, here it is: grafana.com/blog/2025/08...
If you still haven't read my blog post, here it is: grafana.com/blog/2025/08...
Today we released our new (free) AWS Infrastructure Canarytoken on canarytokens.org.
It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed.
(1 of 3)
It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed.
(1 of 3)
September 15, 2025 at 4:36 PM
Today we released our new (free) AWS Infrastructure Canarytoken on canarytokens.org.
It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed.
(1 of 3)
It catches attackers in your AWS account by putting tempting assets in their way and alerting you if they get probed.
(1 of 3)
Reposted by ThinkstCanary
Introducing keynote spreaker: Marco Slaviero! 🚀
A #PyConZA veteran and the ingenious CTO of ThinkstCanary, Marco is redefining the security landscape. Don't miss out on his insights!
Grab your ticket today: za.pycon.org/tickets
@marcoslaviero.bsky.social
@thinkstcanary.canary.tools
A #PyConZA veteran and the ingenious CTO of ThinkstCanary, Marco is redefining the security landscape. Don't miss out on his insights!
Grab your ticket today: za.pycon.org/tickets
@marcoslaviero.bsky.social
@thinkstcanary.canary.tools
September 8, 2025 at 3:00 PM
Introducing keynote spreaker: Marco Slaviero! 🚀
A #PyConZA veteran and the ingenious CTO of ThinkstCanary, Marco is redefining the security landscape. Don't miss out on his insights!
Grab your ticket today: za.pycon.org/tickets
@marcoslaviero.bsky.social
@thinkstcanary.canary.tools
A #PyConZA veteran and the ingenious CTO of ThinkstCanary, Marco is redefining the security landscape. Don't miss out on his insights!
Grab your ticket today: za.pycon.org/tickets
@marcoslaviero.bsky.social
@thinkstcanary.canary.tools
Spotted at the U.S Open 🎾💪💚
September 3, 2025 at 4:46 PM
Spotted at the U.S Open 🎾💪💚
Most of the company is in CapeTown this week for our annual ThinkstCon.
This means lots of green stuff, and lots of padel.
💪💚
This means lots of green stuff, and lots of padel.
💪💚
September 1, 2025 at 9:04 PM
Most of the company is in CapeTown this week for our annual ThinkstCon.
This means lots of green stuff, and lots of padel.
💪💚
This means lots of green stuff, and lots of padel.
💪💚
It's our birthday, so we created a tiny skunk(worksy) game for you to play..
Complete all 7 continents, and we will send you a limited-edition, 10-year t-shirt.
Have fun!! (but watch out for the Canaries)
canary.tools/10-year
Complete all 7 continents, and we will send you a limited-edition, 10-year t-shirt.
Have fun!! (but watch out for the Canaries)
canary.tools/10-year
August 29, 2025 at 5:24 PM
It's our birthday, so we created a tiny skunk(worksy) game for you to play..
Complete all 7 continents, and we will send you a limited-edition, 10-year t-shirt.
Have fun!! (but watch out for the Canaries)
canary.tools/10-year
Complete all 7 continents, and we will send you a limited-edition, 10-year t-shirt.
Have fun!! (but watch out for the Canaries)
canary.tools/10-year
In April this year, @grafana.bsky.social had a security incident due to an insecure GitHub Action. The attackers even tried covering their tracks.
How were they discovered? Canarytokens..
Check out their post¹ on how they use our tokens at scale..
__
¹ grafana.com/blog/2025/08...
How were they discovered? Canarytokens..
Check out their post¹ on how they use our tokens at scale..
__
¹ grafana.com/blog/2025/08...
Canary tokens: Learn all about the unsung heroes of security at Grafana Labs | Grafana Labs
Learn why the use of canary tokens let us spot a recent intrusion and swarm quickly in response, and find out why you should be using canary tokens to prevent serious security incidents in the future.
grafana.com
August 27, 2025 at 10:02 AM
In April this year, @grafana.bsky.social had a security incident due to an insecure GitHub Action. The attackers even tried covering their tracks.
How were they discovered? Canarytokens..
Check out their post¹ on how they use our tokens at scale..
__
¹ grafana.com/blog/2025/08...
How were they discovered? Canarytokens..
Check out their post¹ on how they use our tokens at scale..
__
¹ grafana.com/blog/2025/08...
Reposted by ThinkstCanary
How do you know you're compromised?
Read my newest article to see how we used canary tokens to detect an attack on our infrastructure.
grafana.com/blog/2025/08...
Read my newest article to see how we used canary tokens to detect an attack on our infrastructure.
grafana.com/blog/2025/08...
Canary tokens: Learn all about the unsung heroes of security at Grafana Labs | Grafana Labs
Learn why the use of canary tokens let us spot a recent intrusion and swarm quickly in response, and find out why you should be using canary tokens to prevent serious security incidents in the future.
grafana.com
August 26, 2025 at 8:20 AM
How do you know you're compromised?
Read my newest article to see how we used canary tokens to detect an attack on our infrastructure.
grafana.com/blog/2025/08...
Read my newest article to see how we used canary tokens to detect an attack on our infrastructure.
grafana.com/blog/2025/08...
"We had good success with your canaries at ..."
"I would like to intro my (new) team at ...."
10 years in && we still do 0 outbound sales.
We've had the best customers since day-1!
💪💚
"I would like to intro my (new) team at ...."
10 years in && we still do 0 outbound sales.
We've had the best customers since day-1!
💪💚
August 15, 2025 at 5:40 PM
"We had good success with your canaries at ..."
"I would like to intro my (new) team at ...."
10 years in && we still do 0 outbound sales.
We've had the best customers since day-1!
💪💚
"I would like to intro my (new) team at ...."
10 years in && we still do 0 outbound sales.
We've had the best customers since day-1!
💪💚
A friendly reminder from your Canary Console that if you are in the Northern Hemisphere, you can probably check out the Perseid meteor shower this week..
💪💚💫
💪💚💫
August 11, 2025 at 4:32 PM
A friendly reminder from your Canary Console that if you are in the Northern Hemisphere, you can probably check out the Perseid meteor shower this week..
💪💚💫
💪💚💫
Reposted by ThinkstCanary
just when you thought @thinkstcanary.canary.tools couldn't get any cooler
they go and do this 🥹🌠💚
omggggg i love it
www.space.com/32868-persei...
they go and do this 🥹🌠💚
omggggg i love it
www.space.com/32868-persei...
August 9, 2025 at 1:55 AM
just when you thought @thinkstcanary.canary.tools couldn't get any cooler
they go and do this 🥹🌠💚
omggggg i love it
www.space.com/32868-persei...
they go and do this 🥹🌠💚
omggggg i love it
www.space.com/32868-persei...
BlackHat boothing was great. We got to hang-out with customers & chat Canary with a bunch of new folks..
Our booth has changed, our tech has levelled up (by orders of magnitude) but it's the same price¹ as always, & still "just works!"
__
¹ Still never increased prices since year-1
Our booth has changed, our tech has levelled up (by orders of magnitude) but it's the same price¹ as always, & still "just works!"
__
¹ Still never increased prices since year-1
August 8, 2025 at 7:09 PM
BlackHat boothing was great. We got to hang-out with customers & chat Canary with a bunch of new folks..
Our booth has changed, our tech has levelled up (by orders of magnitude) but it's the same price¹ as always, & still "just works!"
__
¹ Still never increased prices since year-1
Our booth has changed, our tech has levelled up (by orders of magnitude) but it's the same price¹ as always, & still "just works!"
__
¹ Still never increased prices since year-1
The 2025, Q2 edition of ThinkstScapes is now available for download¹ at thinkst.com/ts
If you are in Vegas for BlackHat, swing by our booth for a hard copy.
This edition tracks "over 1,450 talks & papers & almost 1,400 blog posts"
__
¹ As always, completely free
If you are in Vegas for BlackHat, swing by our booth for a hard copy.
This edition tracks "over 1,450 talks & papers & almost 1,400 blog posts"
__
¹ As always, completely free
August 6, 2025 at 4:31 PM
The 2025, Q2 edition of ThinkstScapes is now available for download¹ at thinkst.com/ts
If you are in Vegas for BlackHat, swing by our booth for a hard copy.
This edition tracks "over 1,450 talks & papers & almost 1,400 blog posts"
__
¹ As always, completely free
If you are in Vegas for BlackHat, swing by our booth for a hard copy.
This edition tracks "over 1,450 talks & papers & almost 1,400 blog posts"
__
¹ As always, completely free
We published an internal post¹ that our @marcoslaviero.bsky.social recently wrote "on caring".
It's worth a read, because as he writes. caring about what is built is surprisingly fragile (and shockingly absent).
__
¹ blog.thinkst.com/2025/06/on-c...
It's worth a read, because as he writes. caring about what is built is surprisingly fragile (and shockingly absent).
__
¹ blog.thinkst.com/2025/06/on-c...
June 2, 2025 at 2:12 PM
We published an internal post¹ that our @marcoslaviero.bsky.social recently wrote "on caring".
It's worth a read, because as he writes. caring about what is built is surprisingly fragile (and shockingly absent).
__
¹ blog.thinkst.com/2025/06/on-c...
It's worth a read, because as he writes. caring about what is built is surprisingly fragile (and shockingly absent).
__
¹ blog.thinkst.com/2025/06/on-c...
Reposted by ThinkstCanary
A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding
A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding | TechCrunch
Reflecting on 10 years since its launch, the honeypot maker explains why the company did not take on any VC funding.
techcrunch.com
May 29, 2025 at 2:19 PM
A decade in, bootstrapped Thinkst Canary reaches $20M in ARR without VC funding
When we first built @thinkstcanary.canary.tools we were proud that it took less than 4 minutes to be useful when bought.
Now it takes less than two...
Catching attackers is the game the whole family can play...
Now it takes less than two...
Catching attackers is the game the whole family can play...
May 26, 2025 at 8:09 PM
When we first built @thinkstcanary.canary.tools we were proud that it took less than 4 minutes to be useful when bought.
Now it takes less than two...
Catching attackers is the game the whole family can play...
Now it takes less than two...
Catching attackers is the game the whole family can play...
Reposted by ThinkstCanary
Internal release naming is totally becoming serious business at @thinkstcanary.canary.tools
May 14, 2025 at 10:03 AM
Internal release naming is totally becoming serious business at @thinkstcanary.canary.tools
The Q1-2025 edition of ThinkstScapes is now available at thinkst.com/ts.
To compile this issue, we tracked over 1350 talks & papers (and about 1500 blog posts).
Available¹ in PDF, ePub and with a short audio summary.
__
¹ As always: Completely free/without reg-wall
To compile this issue, we tracked over 1350 talks & papers (and about 1500 blog posts).
Available¹ in PDF, ePub and with a short audio summary.
__
¹ As always: Completely free/without reg-wall
May 7, 2025 at 3:49 PM
The Q1-2025 edition of ThinkstScapes is now available at thinkst.com/ts.
To compile this issue, we tracked over 1350 talks & papers (and about 1500 blog posts).
Available¹ in PDF, ePub and with a short audio summary.
__
¹ As always: Completely free/without reg-wall
To compile this issue, we tracked over 1350 talks & papers (and about 1500 blog posts).
Available¹ in PDF, ePub and with a short audio summary.
__
¹ As always: Completely free/without reg-wall
Reposted by ThinkstCanary
Facing a policy deadline for CVSS 10s?
Use our #F5Labs Canary Exploit tool to safely test your system. If vulnerable, reading the parquet file makes javax.swing.JEditorPane contact a specific URL (ex: ‘Web Bug’ URL @thinkstcanary.canary.tools)
➡️ Check out here: https://go.f5.net/aio3117o
Use our #F5Labs Canary Exploit tool to safely test your system. If vulnerable, reading the parquet file makes javax.swing.JEditorPane contact a specific URL (ex: ‘Web Bug’ URL @thinkstcanary.canary.tools)
➡️ Check out here: https://go.f5.net/aio3117o
April 28, 2025 at 10:30 PM
Facing a policy deadline for CVSS 10s?
Use our #F5Labs Canary Exploit tool to safely test your system. If vulnerable, reading the parquet file makes javax.swing.JEditorPane contact a specific URL (ex: ‘Web Bug’ URL @thinkstcanary.canary.tools)
➡️ Check out here: https://go.f5.net/aio3117o
Use our #F5Labs Canary Exploit tool to safely test your system. If vulnerable, reading the parquet file makes javax.swing.JEditorPane contact a specific URL (ex: ‘Web Bug’ URL @thinkstcanary.canary.tools)
➡️ Check out here: https://go.f5.net/aio3117o