Product builders can learn loads from malware in terms of deployment and operational ease. Malware needs to operate without any assistance in unknown environments. Nobody is allowing outbound comms deliberately for malware, so tunnel methods were developed.
Networks have these capabilities, inherently they're part of the specs. But only malware seems to realise that and use it. We love reusing offensive techniques for defence (see our Canarytokens stuff), and DNS comms fits that perfectly. Our customers get an actual 2-minute install, not a 2-minute-and-then-wait-a-week-for-the-firewall-rules install.
That could be true. Especially those that opt for a heuristic/application anomalous behaviour approach.
But then, you can add white listing and exceptions to most AV products.
The updates in universe are definitely best effort.
We were paying for Ubuntu Pro through an AWS subscription on 2k EC2 instances, and could not get Canonical to update a package with a CVSS 7.8 in the 18.04 LTS.
Thinkst Canary | Frontend Engineer | REMOTE or Cape Town / Johannesburg, South Africa | https://canary.tools
Thinkst Canary is a unique honeypot system deployed across networks you frequently use, with customers including a bunch of Valley unicorns, research labs, retailers, financial services, academic institutions, mining, defence, and more, across all seven (yes, seven!) continents.
We think it's great, but don't just take our word for it, our customers frequently express their love (https://canary.love).
We're looking for an experienced Vue.js Frontend Engineer to join us and help push our frontend forward. You'll have a hand in all things frontend, from suggesting which tooling to use, to design of new features, and finally implementing the designs and pushing them live to all customers. You'll be able to help grow our frontend team, while making sure that we're always improving the UX for our customers.
Our hiring process consists of a ~45min intro chat, a take-home practical coding exercise, a group interview, and a founder interview. No whiteboards.
If you'd like to know more, or are interested in applying, get in touch at hiring@thinkst.com (and please include a CV if applying).
Thinkst Canary | Full Stack Software Engineer, Frontend Engineer | REMOTE or Cape Town / Johannesburg, South Africa | https://canary.tools
Thinkst Canary is a unique honeypot system deployed across networks you frequently use, with customers including a bunch of Valley unicorns, research labs, retailers, financial services, academic institutions, mining, defence, and more, across all seven (yes, seven!) continents.
We think it's great, but don't just take our word for it, our customers frequently express their love (https://canary.love)
Our tech stack mainly revolves around Python, Linux, and Vue.js. We use AWS, Azure, GCP to varying degrees, and ship actual hardware which keeps things exciting.
We're looking for Fullstack and Frontend Engineers to join us in continuing to develop on the honeypots, on the management consoles, and on expanding our array of Canarytokens (https://canarytokens.org).
Our hiring process consists of a ~45min intro chat, a take-home practical coding exercise, a group interview, and a founder interview. No whiteboards.
If you'd like to know more, or are interested in applying, get in touch at hiring@thinkst.com (and please include a CV if applying).
Thinkst | Cape Town, South Africa | Frontend developer | ONSITE
We make Canary (http://canary.tools), the best-loved honeypot solution around. We focus on simplicity, reliability and making a product our customers take with them when they switch companies (https://canary.tools/love has a bunch of unsolicited views.)
Thinkst is self-funded, profitable, growing, and looking to hire a talented frontend developer. We're in the process of switching a legacy frontend to Vue.js, and expect the right candidate to be comfortable in taking the lead on designing and implementing Javascript-heavy UIs.
Networks have these capabilities, inherently they're part of the specs. But only malware seems to realise that and use it. We love reusing offensive techniques for defence (see our Canarytokens stuff), and DNS comms fits that perfectly. Our customers get an actual 2-minute install, not a 2-minute-and-then-wait-a-week-for-the-firewall-rules install.