Question 1

How do I configure Canarytokens to send alerts via SMTP instead of Mailgun?

Accepted Answer

Edit the switchboard.env file to set CANARY_SMTP_SERVER, PORT, USERNAME, and PASSWORD, and remove other provider keys. The README provides a complete example, but ensure no other email services are configured simultaneously.

Question 2

Canarytokens vs Canary Tools: which is better for small teams?

Accepted Answer

Canarytokens is free and open-source, ideal for cost-conscious teams wanting self-hosting, while Canary Tools is a commercial product with more features and support. For small teams with technical skills, Canarytokens offers a lightweight start.

Question 3

What are the best practices for deploying DNS tokens in a corporate network?

Accepted Answer

Place DNS tokens in internal subdomains to monitor for unauthorized queries, and use alert throttling to avoid noise. Integrate webhooks with security tools for quick triage, as suggested in the alert management features.

Question 4

How to integrate Canarytokens webhooks with Slack for notifications?

Accepted Answer

Set up a Slack incoming webhook URL in the configuration, but note that the Slack API token is deprecated per the README. Use generic webhooks for posting alerts to channels, though customization may require additional scripting.

Question 5

Is Canarytokens suitable for detecting insider threats?

Accepted Answer

Yes, by deploying tokens like fake documents or URLs, it can alert on unauthorized access by insiders. However, it's passive detection and should be combined with user behavior analytics for comprehensive coverage.

Question 6

How to scale Canarytokens for large enterprises with high traffic?

Accepted Answer

Adjust CANARY_MAX_ALERTS_PER_MINUTE in switchboard.env and ensure robust infrastructure for self-hosting. Consider using load balancers and monitoring database performance, as the README doesn't cover advanced scaling details.

CanaryTokens

What is CanaryTokens?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions