Trusted by Security Teams Worldwide

High-Confidence Breach Detection — Without Hardware

Drop invisible tripwires across your infrastructure. Canary tokens in documents, VM agents on servers, honeypots in cloud storage. Know the moment an attacker touches your data - before they know you're watching.

Join the Beta See VM Agents

No credit card required Air-gap compatible SOC 2 ready

$ signal-canary deploy --type vm-agent
Generating Linux agent... done
Embedding canary tokens... done
Download: signal-canary-agent-v2.4.ova (148 MB)
$ signal-canary monitor
Listening for canary activations...
ALERT: Honeypot accessed from 203.0.113.42
Organization: Acme Corp (ASN 12345)
File: /share/credentials/aws-keys.txt
15+
Canary Types
Instant
Alerts
No
Hardware Required
Free
Tier Available

The Only Self-Serve VM Agent Builder

Generate and download custom Linux, Windows, or container agents in minutes. Deploy to cloud, on-prem, or air-gapped environments. No hardware to buy, no consultants to hire. Just download, deploy, and detect.

Build Your First Agent

Enterprise-Grade Breach Detection

Multiple layers of invisible protection - from documents to infrastructure

Canary Tokens

Fake AWS keys, database credentials, API tokens. Plant them anywhere. Know instantly when attackers test stolen secrets.

Honeypot Documents

Word, Excel, PDF with invisible tracking. "Confidential_Salaries.xlsx" triggers alerts when opened by unauthorized users.

VM Agents

Deploy sensor VMs that monitor file access, network traffic, and credential usage. Works in air-gapped environments.

Organization Attribution

Know WHO accessed your canaries. IP-to-company resolution with confidence scoring. Track corporate espionage, not bots.

Real-Time Alerts

Slack, email, webhooks, or SIEM integration. Full forensics: IP, geo, device, ASN. Playbook automation for IR teams.

Air-Gap Mode

For classified environments. Agents log locally, encrypted export via USB. No internet required. FIPS-ready.

Deploy Anywhere

Download ready-to-run agents for any environment

Linux

OVA, ISO, or Docker

Windows

MSI installer

Docker

Container image

Kubernetes

Helm chart

Air-Gap

Offline mode

Built for Security Teams

From SOC analysts to incident responders

Insider Threat Detection

Plant honeypot files in HR shares. Know instantly when employees access files they shouldn't.

Credential Theft Detection

Canary AWS keys in repos, fake passwords in config files. Catch attackers testing stolen creds.

Lateral Movement Detection

VM agents on decoy servers. Attackers who pivot to your honeypot expose themselves.

Data Exfiltration Monitoring

Track sensitive documents. Know when they're opened outside your network.

Compliance & Audit

Immutable audit logs, chain-of-custody reports. Evidence-grade forensics for legal proceedings.

Red Team / Purple Team

Validate detection coverage. Test if your SOC catches canary activations during exercises.

Transparent Pricing

Start free, scale as you grow. No hidden fees.

Free

$0/mo
  • 3 Document Canaries
  • 2 URL Canaries
  • 1 Credential Canary
  • Email Alerts
  • 7-day Retention
  • 1 GB Storage
  • No VM Appliances
Coming Soon

Pro

$99/mo
  • 25 Document Canaries
  • 10 URL Canaries
  • 5 Credential Canaries
  • 1 VM Appliance
  • Webhook Alerts
  • 30-day Retention
  • 10 GB Storage
  • Priority Support
Coming Soon

Enterprise Core

$499/mo
  • 250 Document Canaries
  • 100 URL Canaries
  • 50 Credential Canaries
  • 5 VM Appliances
  • SIEM Export
  • Canary Revocation
  • 90-day Retention
  • 50 GB Storage
  • 24/7 Support
Coming Soon

Enterprise Plus

$1,999/mo
  • Unlimited Document Canaries
  • Unlimited URL Canaries
  • Unlimited Credential Canaries
  • 25 VM Appliances
  • Air-Gap Licensing
  • Configurable Limits
  • 365-day Retention
  • 250 GB Storage
  • Dedicated Account Manager
Contact Sales

All paid plans include a 14-day free trial. No credit card required to start.

Private Beta

Join the Beta

We're looking for security professionals to help test Signal Canary before public launch. Sign up below and we'll be in touch soon.

Catch Breaches Before They Become Headlines

Be among the first to deploy enterprise-grade canary detection.

Join the Beta