Andy sits down with Josh Yavor (CEO, Credible Security) to discuss his experience of a decade of deploying deception technology. From building complex malware analysis environments to protecting sensitive IP during third-party data sharing, Josh explains why canaries deliver high-value signals early in your security journey and shares creative use cases including using canaries during active incident response. 

=================
🔍 IN THIS EPISODE
=================

🪶 Why deception isn’t just for “mature” security programs
📡 Real signals vs. industry reports — what matters more
🔇 Why absence of alerts doesn’t mean absence of value
💡 Creative deployments — from protecting IP to incident response
🧭 Lessons from a decade of making deception work in the real world

============================================================

00:00 Intro
02:05 Why deception isn’t just for mature programs
06:40 Real signals vs. industry reports
10:20 “If it doesn’t fire, is it working?” — why absence of signal doesn’t mean absence of value
15:50 Creative deployments — canaries for IP protection & incident response
22:10 Lessons from a decade of deception