Session

Tiny little birds!

In this talk, I am going to talk about canary tokens: digital tripwires that help protect company's assets and infrastructure. This involves going into the depth of an incident, and how canary tokens saved the day. This talk draws upon a recent incident at Grafana that could have caused severe reputational damage, which was quickly prevented.

The topics are:
1. What are canary tokens?
* Building your canary token infrastructure
* Canary token lifecycle
2. Canary tokens and TruffleHog to the Rescue!
3. Canary tokens placement strategies
4. Incident response strategies
* Zizmor and other linters
* Gato-X
* Secret storage
5. Conclusion
6. Q&A

The talk is based on this article: https://grafana.com/blog/2025/08/25/canary-tokens-learn-all-about-the-unsung-heroes-of-security-at-grafana-labs/


How do you know you are compromised?

Mostafa Moradian

Head of Security

Stockholm, Sweden

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top