Hi All
This is not promoting Grafana Labs, merely mentioning their techniques to protect themselves via canary tokens, which could be used within other organisations to reduce the amount of time taken to hunt down the intrusion.
Canary tokens are digital tripwires or decoys that look valuable to an intruder but have no legitimate use. If someone finds and uses one you’ve deployed, you’ll receive an immediate alert.
Named after coal-mining canaries (early warning for toxic gas), these tokens are far lighter than honeypots. They can take many simple forms, such as API keys, files, URLs, or DNS entries, making them fast and easy to deploy across your environment.
In our case, canary tokens weren’t just an experiment, they were the primary signal that told us an attacker was inside: An AWS API key was validated by the attacker; we got a real-time alert; teams swarmed; and the intrusion was contained within minutes.
Regards
Caute_cautim
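An added example, not part of the original post or Grafana Labs' own code: one way to turn a decoy AWS key into the alert described above is to scan CloudTrail records for any use of the decoy's access key ID. The key IDs, log records and the function name `find_canary_hits` are constructed for illustration, and the `GetCallerIdentity` record assumes that is how a key gets validated.

```python
import json

# Constructed decoy key ID (AWS's documented example value); a real
# deployment would load these from wherever the canary inventory lives.
CANARY_KEY_IDS = {"AKIAIOSFODNN7EXAMPLE"}

# Constructed CloudTrail-style records, one JSON object per line.
SAMPLE_LOG = """\
{"eventTime":"2025-01-01T10:00:00Z","eventSource":"s3.amazonaws.com","eventName":"ListBuckets","sourceIPAddress":"198.51.100.7","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAI44QH8DHBEXAMPLE"}}
{"eventTime":"2025-01-01T10:02:11Z","eventSource":"sts.amazonaws.com","eventName":"GetCallerIdentity","sourceIPAddress":"203.0.113.45","userAgent":"aws-cli/2.15.0","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
{"eventTime":"2025-01-01T10:02:30Z","eventSource":"iam.amazonaws.com","eventName":"ListUsers","errorCode":"AccessDenied","sourceIPAddress":"203.0.113.45","userAgent":"aws-cli/2.15.0","userIdentity":{"type":"IAMUser","accessKeyId":"AKIAIOSFODNN7EXAMPLE"}}
not-json garbage line
"""


def find_canary_hits(log_text, canary_ids=frozenset(CANARY_KEY_IDS)):
    """Return one alert dict per record that used a decoy access key."""
    alerts = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        if not isinstance(rec, dict):
            continue
        key_id = (rec.get("userIdentity") or {}).get("accessKeyId")
        if key_id not in canary_ids:
            continue
        # A decoy has no legitimate use, so denied calls alert as well:
        # the attempt itself is the signal, not whether it succeeded.
        service = rec.get("eventSource", "").split(".")[0]
        alerts.append({
            "time": rec.get("eventTime"),
            "key_id": key_id,
            "event": f"{service}:{rec.get('eventName')}",
            "source_ip": rec.get("sourceIPAddress"),
            "user_agent": rec.get("userAgent"),
            "denied": "errorCode" in rec,
        })
    return alerts


if __name__ == "__main__":
    for alert in find_canary_hits(SAMPLE_LOG):
        print("CANARY KEY USED:", json.dumps(alert))
```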
Great write-up, thank you for sharing.
Funny how old things become new again (Canaries in a Coal Mine).
Many moons ago, when the economy went down (crashed) and folks were being laid off, we looked around to see if there were any canaries... sad really.