/
What is special about Cyber Crucible canary files?

What is special about Cyber Crucible canary files?

Owned by Dennis Underwood
May 16, 2022
1 min read

Canary files have special data hidden in them, in the event they are ever stolen by an attacker. Cyber Crucible can trace the file back to the original owner.

The file names are mostly-random (called psuedo-random) in a way that attackers cannot identify them and avoid them. The names are created with a special Cyber Crucible math formula, that allows our software to recognize a file as a canary, even if the names are different from machine to machine or file to file.

The ability for Cyber Crucible software to recognize these files also means that there only needs to be one canary file per server, even if thousands of workstations are using the server.

Related content

What are these strange, random looking files I see?
What are these strange, random looking files I see?
Cyber Crucible Knowledge Base
Read with this
Where do canary files files exist?
Where do canary files files exist?
Cyber Crucible Knowledge Base
More like this
Do you have false positives? What is your false positive rate?
Do you have false positives? What is your false positive rate?
Cyber Crucible Knowledge Base
More like this
How does Cyber Crucible use memory analytics?
How does Cyber Crucible use memory analytics?
Cyber Crucible Knowledge Base
More like this
Training Scenario - Signed Ransomware
Training Scenario - Signed Ransomware
Cyber Crucible Knowledge Base
More like this
Cyber Crucible On-Boarding Process
Cyber Crucible On-Boarding Process
Cyber Crucible Knowledge Base
More like this