
What is a Canary Trap?


def·i·ni·tion: An effective method for exposing an information leak.

No, it’s not a snare for catching yellow finches! A canary trap is a weapon of espionage! It’s a tool for detecting and plugging information leaks — a clever ploy to determine which canary is singing when under orders to remain silent.

The term was first popularized and described by novelist Tom Clancy in the 1987 best-seller Patriot Games.

Here’s how a canary trap works: a memo with sensitive information is distributed to several individuals (canaries), but the wording varies slightly in each copy of the memo provided. If the information gets leaked to anyone not authorized to receive it, one glance at the leaked text reveals which version of the memo was leaked — the source of the leak is identified!
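The mechanism described above, as an added example that is not code from this page or from Canary Trap: each recipient gets a distinct combination of interchangeable wordings, and a leaked excerpt is matched back to the copies consistent with it. The memo text, the wording slots and the recipient names are all constructed for illustration.

```python
import itertools
import re

# Constructed memo: each {slot} has interchangeable wordings.
TEMPLATE = ("The {a} review of the {b} contract will {c} on Friday; "
            "{d} details stay internal.")
SLOTS = {
    "a": ["quarterly", "three-month"],
    "b": ["supplier", "vendor"],
    "c": ["begin", "start"],
    "d": ["all", "any"],
}
RECIPIENTS = ["alice", "bob", "carol", "dave", "erin"]  # hypothetical names


def assign_variants(recipients, slots):
    """Give every recipient a distinct combination of wording choices."""
    names = sorted(slots)
    combos = itertools.product(*(range(len(slots[n])) for n in names))
    assignment = {r: dict(zip(names, c)) for r, c in zip(recipients, combos)}
    if len(assignment) < len(recipients):
        raise ValueError("not enough wording combinations for all recipients")
    return assignment


def render(template, slots, choice):
    """Produce one recipient's copy of the memo."""
    return template.format(**{n: slots[n][i] for n, i in choice.items()})


def identify_source(leaked, slots, assignment):
    """Return the recipients whose copy is consistent with the leaked text.

    A slot counts as evidence only when exactly one of its wordings appears,
    so a partial excerpt narrows the candidates instead of misattributing.
    """
    observed = {}
    for name, variants in slots.items():
        hits = [i for i, v in enumerate(variants)
                if re.search(r"\b" + re.escape(v) + r"\b", leaked, re.I)]
        if len(hits) == 1:
            observed[name] = hits[0]
    if not observed:
        return []  # paraphrased leak: no marker survived
    return [r for r, choice in assignment.items()
            if all(choice[n] == i for n, i in observed.items())]
```

A full copy pins down one recipient, a short excerpt may only narrow the field, and a paraphrase that drops every marked wording identifies nobody, which is the practical limit of wording-based traps.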

What’s the relevance? Canary Trap focuses on identifying security vulnerabilities (leaks) for remediation. Working with Canary Trap will improve your organization’s security posture and resiliency.

Setting up a canary trap

Define the scope, goals and objectives underlying the test, including the system(s), network(s), and application(s) being targeted. Identify the testing methods to be used. Canary Trap follows industry best practices including the Penetration Testing Execution Standard (PTES), Open Web Application Security Project (OWASP) “Top 10” and FedRAMP Pen Test Guidance v3.0.

Canary Trap will gather intelligence (e.g., network address ranges, domain names, service providers, etc.) and seek to uncover security vulnerabilities during testing.

Leverage human expertise, automated tools and manual processes to understand how the in-scope targets respond to various intrusion attempts. Canary Trap’s team of elite security experts will identify, enumerate and report on any security vulnerabilities.

We aim to uncover known and unknown vulnerabilities using safe and non-destructive methods of attack. Each step will be documented so as to enable you to recreate and validate the method(s) of exploitation.

Draft a comprehensive Report of Findings for your review. Identifying previously unknown vulnerabilities will enable you to chart the best path toward remediation. Successfully remediating any identified security gaps will significantly improve the security resiliency and hygiene of your organization.

Once complete, Canary Trap can be reengaged to undertake a retest to ensure that the identified vulnerabilities have been resolved and that the applied fixes haven’t created new vulnerabilities.