Haroon Meer

1.1K Followers
290 Following
452 Posts
Security Geek at Thinkst. We build https://canary.tools (he/him)
Canary: https://canary.tools
Blog: https://blog.thinkst.com

A quick thought on RSAC (while flying home).

On why the show floor keeps making promises it can't keep (and why Dave Aitel actually had a valid point¹).

https://blog.thinkst.com/2026/03/rsac-infosec-themes-and-crumby-products.html

__
¹ All those years ago

RSAC, Infosec-themes, and crumby products

Why is the RSAC floor so dominated by promises that can’t be kept? Because incentives..

Thinkst Thoughts

Important, business-critical need..

A sticker vendor aware of Apple's corner radius..

RSAC was more subdued this year.

Although the floor was plastered in AI, AI protection & Agentic*, everyone knows it's a placeholder while we figure things out..

So it's more performative than normal:
Vendors act like they have the solutions & attendees act like they believe it

At #RSAC this year? Swing by our booth (N-6445) to talk about detection that works (and why small details matter).

We’ve always had a problem with least privilege, but users needed to be owned for it to visibly hurt the enterprise.

Kevin didn’t know what to do with the extra creds, but his agent will.

Maybe the first run of the “paperclip” problem will be agents wiping shares to save us..

Only just caught up with this older episode of “Inside the Network” with Michelle Zatlyn.

Cloudflare impressively manages to keep shipping cool stuff despite their size, and she shares a bunch of down-to-earth startup advice (even for non-cyber-sec startups).

https://pca.st/episode/9af0baa8-8907-4405-a362-22a7267c4186

Michelle Zatlyn: Scaling Cloudflare to a $70B giant and building a better Internet

In this episode of Inside the Network, we sit down with Michelle Zatlyn, Co-founder and President of Cloudflare, one of the most iconic Internet infrastructure companies in the world. From its launch…

A common startup meme has been how shipping velocity trumps all.

With people on the fringes “shipping” thousands of lines of code per day, it’s now “obvious” that startups should be adopting this new paradigm and just… yolo’ing it…

Except maybe… not.

Apple and Google have long had (near-)infinite dollars to hire ppl to generate thousands of lines of code per day… but great products are much more than just code velocity..

Run the idea maze.. build beautiful things.. org tempo matters, not klocs of slop…

When we first showed up at BlackHat as unknown S Africans, we were kinda shellshocked (& awestruck) by it all.

FX was one of the first people to pull us in & hung out with us. We kept in touch but not nearly as much as I should have.

He will be missed.

https://blog.recurity-labs.com/2026-03-02/Farewell_Felix

Farewell, Felix · The Recurity Lablog

It sounds childish, but the weirdest part of how we seem to be marching towards wars & global uncertainty, is how unnecessary it seems 🤷‍♂️

(“Evil” sounds too judgmental, but) this seems like the stage we’ll later recall as “the banality of evil”

It’s no secret that adversaries love (ab)using security tooling. So..

Rad just shipped our latest Canarytoken to exploit this: a CrowdStrike API Key Canarytoken!

Attackers who find it have to use it - and when they do, they expose themselves.

https://blog.thinkst.com/2026/02/introducing-the-crowdstrike-api-key-canarytoken.html