Kanary, the human attack surface management platform for an agentic internet, has announced new integrations with X (formerly Twitter) and LinkedIn. These integrations allow for direct monitoring and mitigation of exposed personal data on these social media platforms. Kanary members can now manage risks associated with doxxing, impersonation, and social engineering that stem from maintaining personal and professional profiles online.
People Are the New Perimeter
The announcement comes as threat actors increasingly target individuals as the most accessible entry point into organizations. Every executive, employee, and contractor carries a personal attack surface composed of their publicly available, exposed, or inferable data across the internet. Social media platforms like X and LinkedIn serve as entry points for attackers actively mapping that surface. Professional identities are built, maintained, and increasingly exploited on these platforms.
“Our integrations with X and LinkedIn give security teams the tools they need to manage the attack surface their people carry with them every day,” said Rachel Vrabec, Founder and CEO of Kanary. “Investing in protecting your people with a partner like Kanary significantly reduces legal risk, employee churn, and security team burnout associated with battling an infinite attack surface for hundreds of employees. In an agentic internet where AI is weaponizing personal data at machine speed, human attack surface management isn’t optional; it’s a core function of enterprise security.”
Kanary’s Human Attack Surface Management platform is built on the understanding that protecting organizations requires protecting the people who execute the mission. This starts with understanding what adversaries can see about those people on the open internet.
How Bad Actors Weaponize Social Media
Most individuals require some form of public profile to facilitate personal and professional lives. Bad actors capitalize on this, treating platforms like X and LinkedIn as open-source intelligence goldmines. Within the MITRE ATT&CK framework, social media platforms accelerate and refine the reconnaissance phase. Malicious actors leverage automated technologies, including scrapers, bots, and artificial intelligence, to systematically harvest and compile personal information from public social media platforms. This effectively transforms them into large-scale surveillance infrastructure that continuously monitors and profiles individuals.
In the stealth phase, social media platforms provide limited protections against fake profiles impersonating individuals who influence brand reputation, customer trust, and market reaction. With reductions in tech regulation and the availability of deep fake tools, launching social engineering campaigns has become easier than ever. According to the 2024 Verizon Data Breach Investigations Report, the human element was a component of 68% of all data breaches. This is not surprising given that Pew Research reports 47% of even those most confident in their online data privacy skills feel overwhelmed by the amount of work needed to maintain their online presence, and up to 84% skip reading privacy policies.
