SAN FRANCISCO, June 02, 2026 (GLOBE NEWSWIRE) -- Kanary, the human attack surface management platform for an agentic internet, today announced integrations with X (formerly Twitter) and LinkedIn, enabling direct monitoring and mitigation for exposed personal data. Kanary members can now manage the doxxing, impersonation, and social engineering risks associated with maintaining personal and professional profiles on social media platforms.
People Are the New Perimeter
The announcement comes as threat actors increasingly treat individuals as the most accessible entry point into organizations. Every executive, employee, and contractor at an organization carries a personal attack surface made up of the sum of their publicly available, exposed, or inferable data across the internet. Social media platforms like X and LinkedIn are the entry point for attackers who are actively mapping that surface. This is where professional identities are built, maintained, and, increasingly, exploited.
“Our integrations with X and LinkedIn give security teams the tools they need to manage the attack surface their people carry with them every day. Investing in protecting your people with a partner like Kanary significantly reduces legal risk, employee churn, and security team burn out associated with battling an infinite attack surface for hundreds of employees. In an agentic internet where AI is weaponizing personal data at machine speed, human attack surface management isn’t optional, it’s a core function of enterprise security,” said Rachel Vrabec, Founder and CEO, Kanary.
Kanary’s Human Attack Surface Management platform is built on this understanding: protecting organizations requires protecting the people who execute the mission, and that starts with understanding what adversaries can see about those people on the open internet.
How Bad Actors Weaponize Social Media: Social Engineering Launch Pad & Fuel
Most of us require some form of public profile to facilitate our personal and professional lives. Bad actors capitalize on this, treating platforms like X and LinkedIn as open-source intelligence goldmines. Within the MITRE ATT&CK framework, social media platforms both accelerate and refine the reconnaissance phase. Malicious actors increasingly leverage automated technologies, including scrapers, bots, and artificial intelligence, to systematically harvest and compile personal information from public social media platforms, effectively transforming them into large-scale surveillance infrastructure that continuously monitors and profiles individuals.
In the stealth phase, social media platforms provide limited protections against fake profiles impersonating the individuals who influence your brand’s reputation, your customers’ trust, and the market reaction. With reduction in tech regulation and deep fake tools, it’s easier than ever to launch social engineering campaigns. According to the 2024 Verizon Data Breach Investigations Report (DBIR), the human element was a component of 68% of all data breaches. That’s not surprising when you consider that Pew Research reports that 47% of even those most confident in their online data privacy skills feel overwhelmed by the amount of work needed to maintain their online presence, and up to 84% skip reading privacy policies.
CISOs, business leaders and advisory firms are now taking on the responsibility to monitor and enforce social media privacy and security settings for the personal accounts of executives, workforces and clients. They are turning to Kanary as the experts to ease this burden.
Kanary Supports The Full Human Attack Lifecycle: Before, During, and After
Kanary users can now protect three critical technical elements of their most influential personal social media profiles.
- Public Posts are scanned for username, name, and other matching personally identifiable information (PII). Risky posts get flagged when there is clear doxxing, intimidation, fraud, or threats of violence. Kanary also identifies non-malicious posts that contain information that can be weaponized or lead to data leaks.
- Profiles are scanned for matches to name, username, and other profile attributes that can inform bad actors. Risky profiles get flagged when they look like impersonation or have been the source of targeted harassment.
- Settings can be audited to identify and correct when MFA is not set up, or lax default privacy or data sharing settings appear on an account.
X and LinkedIn are scanned on a monthly basis by default, or users can choose to scan weekly or daily for more continuous risk monitoring. Screenshots and links to all exposures can be viewed in the dashboard or via the Kanary mobile app. Users are also kept in the loop on all mitigation activity via alerts and email progress reports. Kanary then maps each risk to the type of mitigation that works best across each platform.
When threats materialize into active attacks, Kanary provides structured response and recovery support. Security teams and affected individuals gain the guidance, documentation, and escalation pathways needed to contain damage, manage communications, and restore operational normalcy.
Configurable Scanning Mapped to Risk Exposure
Kanary recognizes that online exposure risk varies significantly across roles, industries, and threat environments. A publicly visible CEO navigating a contentious earnings cycle faces a fundamentally different threat profile than a mid-level finance manager, a security researcher, or a field employee. The platform’s configurable scanning frequency allows security teams to align monitoring intensity with the actual risk posture of each protected individual, increasing coverage for high-value targets during periods of elevated threat, and adjusting dynamically as organizational circumstances change.
This framework for LinkedIn and X represents a strategy unique to Kanary’s approach to mitigating targeted personal attacks across social media networks. Coverage will soon be available across other highly requested social media sources like Instagram, TikTok, and YouTube.
Talk to Kanary to learn more.
FAQ:
What is human attack surface management?
Human attack surface management (HASM) is the practice of identifying, monitoring, and reducing the personal data exposure of individuals that can be found, aggregated, and weaponized by threat actors on the open internet. Unlike traditional attack surface management, which focuses on networks and systems, HASM treats people as the perimeter.
What does Kanary do?
Kanary is a human attack surface management platform that identifies where bad actors find and weaponize personal data online, removes or replaces that data strategically, and provides escalation and incident recovery when threats materialize. Combining AI agents, automated workflows, and a team of experts, Kanary provides a continuous, managed defense against the fastest-growing attack vector in cybersecurity: people.
Can personal data be permanently removed from the Internet?
The short answer is no, personal data cannot be permanently removed from the internet. Ongoing personal data monitoring and mitigation, like the service Kanary provides, is the most effective strategy for continuously suppressing personal information exposure and minimizing human attack surface risk.
Who needs human attack surface management?
Executives, high-profile employees, security teams, and any organization whose people are targets need human attack surface management. Bad actors routinely exploit publicly available personal data like home addresses, phone numbers, family connections, and social media details to launch phishing, social engineering, doxxing, impersonation, and physical threat campaigns against individuals at all levels of an organization.
How does Kanary protect executives and employees on X and LinkedIn?
Kanary scans public posts, profile attributes, and account security settings across X and LinkedIn for personally identifiable information (PII), signs of impersonation, doxxing, active threats, and lax privacy configurations. When risks are detected, Kanary provides mitigation guidance, evidence documentation, and escalation pathways tailored to each platform, helping security teams and affected individuals respond quickly and effectively.
What happens when a threat becomes an active attack?
When a digital threat escalates into an active attack, Kanary provides structured incident response support including guidance, evidence documentation, and escalation paths to help security teams and affected individuals contain damage, manage communications, and restore normal operations as quickly as possible.
How is Kanary different from traditional data removal services?
Unlike traditional data removal services, which focus solely on removing personal information from data broker sites, Kanary addresses the full human attack surface through a combination of AI agents, automated workflows, and security experts. The platform identifies personal data exposure across high-risk sites, integrates with CISO data flows and brand safety workflows, and defends against evolving digital attacks including impersonation, making it a comprehensive digital risk protection solution rather than a one-dimensional opt-out service.
About Kanary
Kanary is the human attack surface platform for the agentic internet. Kanary identifies where bad actors find and weaponize personal data online, removes or replaces that data strategically, and provides escalation and incident recovery when threats materialize. Executives, security teams, government entities and practitioners at enterprises, startups, and non-profits use Kanary to protect against financial loss, physical harm, operational disruption, and reputational damage. Learn more at kanary.com.
Media Contact
Mikala Vidal, Head of Growth
press@kanary.com
Photos accompanying this announcement are available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/3bf522ff-f142-45df-afc3-a55a6b9db7ee
https://www.globenewswire.com/NewsRoom/AttachmentNg/03a086e6-08e6-4b13-85a2-a9fd2234d776
https://www.globenewswire.com/NewsRoom/AttachmentNg/6fc7f475-d5b7-4304-b299-d36819fcf030
