๐We've published our Tracebit GitHub Action to the GitHub Marketplace!
It now deploys canary SSH keys and AWS credentials to catch supply chain attacks like TeamPCP's Trivy attack: github.com/marketplace/...
@synthesia.io needed high-confidence detection signals across a multi-cloud environment.
They deployed Tracebit canaries and saw high-fidelity alerts with near-zero false positives and minimal ongoing maintenance.
Read the full case study here: tracebit.com/customer/syn...
We're heading to Singapore for Black Hat Asia!
Come find us at Booth 223 - we'll be showing how security canaries detect breaches the moment attackers move.
See you there ๐
Up to 10 repos for free (public and private), minutes to detect attacks like Trivy, sign up and let us know what you think!
community.tracebit.com to sign up
๐ You may have noticed chatter about supply chain attacks recently. Canaries can provide vital signals for these attacks. We've just opened up Tracebit Canary Github Action support for free in our Community Edition.
We are at RSAC! ๐
Find us at Booth NXT 4 to learn more about security canaries and how they can strengthen your security posture.
We look forward to meeting you!
If you are in San Fransisco this Sunday 22nd March for BSidesSF or RSAC we'd love for you to join us for Rooftop drinks! โ๏ธ
We're co-hosting with Socket, cside, RunReveal and Keycard.
Sign up here: luma.com/t9iaikrx
BIG NEWS! We've raised our Series A, bringing total funding to $25M ๐
Led by @firstmark.bsky.social joined by Accel, MMC and Tapestry VC
This next phase is all about broader coverage and bigger features, with GCP support, Perimeter Canaries, and Deceptive Artifacts all shipping this quarter.
๐ฎ Episode 4 of Canaries in the Wild is now live with Kevin Conley, Team Lead and Principal Security Engineer of the Deception Technology team at Riot Games.
Listen to the full episode here: www.youtube.com/watch?v=87HA...
๐ Here are our top 3 posts of 2025:
1. Code Execution Through Deception: Gemini AI CLI Hijack
2. Why Tracebit is written in C#
3. The full costs of building your own Canary Program
Hope you enjoyed this year's posts and wishing you a happy new year! ๐
Last week we launched Tracebit Community Edition. The team may have made it look easy, but getting it right took a monumental effort.
Our CTO Sam breaks down what went into it - from solving the "stealth problem" to shipping our first cross-platform CLI.
Read: tracebit.com/blog/buildin...
๐ป We are excited to be hosting drinks tonight with our friends at @RunReveal.
Join us at Platform Shoreditch for food, drinks and lots of games.
If you're around in London, we'd love to see you there.
Sign up here: luma.com/nees25e2
๐We're heading to @bsideslondon.bsky.social's BSides London!
Come find the Tracebit team on December 13th to chat about security canaries and the role of deception in an "assume breach" strategy.
We're excited to see you there!
๐Weโve just released the Tracebit Community Edition of our security canary platform!
Protect your browser, password manager, inbox, and endpoints with canaries โ all managed from the community console.
Sign up for free now: community.tracebit.com
๐ We're heading to @blackhatevents.bsky.social's BlackHat Europe!
We'll be at ExCeL London on Dec 10th-11th.
Find us at booth 426 to learn more about security canaries and what we are working on at Tracebit!
Book a time: meetings-eu1.hubspot.com/robert-thurt...
๐๏ธEpisode 3 of Canaries in the Wild is live with Mandy Andress, CISO at @elastic.co.
Mandy discusses why canaries need a bigger role in security programs and how detection is evolving with increasingly complex threats.
Listen: www.youtube.com/watch?v=QjK1...
๐ Short vs. long term canary credentials: why the choice matters more than you think.
We just published a new blog post exploring the trade-offs between long and short term canary credentials for threat detection.
Read it here: tracebit.com/blog/short-t...
tracebit.com/blog/short-t...
๐๏ธWant to hear more about Didier Vandenbroeck's take on the 'Assume Breach' mindset?
Listen to Canaries in the Wild Episode 1: www.youtube.com/watch?v=VIMd...
๐๏ธ Episode 2 of Canaries in the Wild is live with Josh Yavor, CEO and Co-Founder of @credible-security.com.
Josh has over a decade of experience deploying deception technology across organisations of all sizes, and shares his practitioner insights with us.
Listen: www.youtube.com/watch?v=ItzY...
๐ We're heading to @bsidesnyc.org on Saturday 18th October!
Want to talk security canaries and learn what we're building at Tracebit? Come find us at our booth.
See you there ๐
๐๏ธ Launching Canaries in the Wild - our new podcast on deception tech that actually catches attackers.
First episode: Didier Vandenbroeck on deploying canaries at Oleria and getting caught by honeypots himself while on offense at Salesforce.
Listen: www.youtube.com/watch?v=VIMd...
๐ค AI agents are hitting honeypots in the wild - and it's wild how they react.
Sam Cox tested something fascinating: mention "honeypots might exist" to an LLM mid-attack, and it completely changes its strategy. Just like humans, they get paranoid.
Full analysis: tracebit.com/blog/canarie...
๐ Great to see @grafana.bsky.social sharing their canary token success story - they allowed them to catch a real intrusionโผ๏ธ
This is exactly the kind of real-world validation we love to see. Security teams want precise alerts that allow them to catch attacks early.
grafana.com/blog/2025/08...
๐ฌ Pretty cool to see Sam Cox's Gemini CLI research featured in Low Level's YouTube video and hitting 150k+ views ๐
๐ From discovering a silent code execution vulnerability to mainstream coverage!
Full breakdown on our blog for the curious minds out there. ๐
lnkd.in/eprKJ5vS
