Andy sits down with Josh Yavor (CEO, Credible Security) to discuss his experience of a decade of deploying deception technology. From building complex malware analysis environments to protecting sensitive IP during third-party data sharing, Josh explains why canaries deliver high-value signals early in your security journey and shares creative use cases including using canaries during active incident response. 

=================
🔍 IN THIS EPISODE
=================

🪶 Why deception isn’t just for “mature” security programs
📡 Real signals vs. industry reports — what matters more
🔇 Why absence of alerts doesn’t mean absence of value
💡 Creative deployments — from protecting IP to incident response
🧭 Lessons from a decade of making deception work in the real world

============================================================

00:00 Intro
02:05 Why deception isn’t just for mature programs
06:40 Real signals vs. industry reports
10:20 “If it doesn’t fire, is it working?” — why absence of signal doesn’t mean absence of value
15:50 Creative deployments — canaries for IP protection & incident response
22:10 Lessons from a decade of deception

Andy sits down with Didier Vanderbroeck (VP Security & IT, Oleria) to discuss the value he's seen from canaries as a detection mechanism over a 25 year career in security.

Ranging from getting caught by Salesforce's honeypots while running red-teaming post-Slack acquisition, to what AI means for the future of deception technology; Didier shares his insights on what it means to Assume Breach with canaries.