Red Canary provides a SaaS-based MDR platform that includes software technology and expert cybersecurity services. Red Canary extends managed detection and response and threat investigation capabilities across your enterprise. We ingest and analyze telemetry and alerts from your EDR, email, IAM, cloud (AWS, Azure, GCP), SIEM, SaaS solutions, network, and other security tools, triage and investigate suspicious activity, and facilitate next steps to resolution–all in a single pane of glass.
A proprietary EDR sensor that monitors and manages Linux environments. Our lightweight agent is designed/optimized for Linux, using minimal resources to minimize disruption. Our team of Linux experts understand threat vectors and the threat landscape Linux
Our built-in security automation orchestration and response (SOAR) platform provides customizable, easy-to-use playbooks so you can go from alert to action faster. Automated playbooks allow you to quickly notify the right people, contain threats, and begin remediation automatically when confirmed threats are found.
Red Canary’s threat hunting team works side-by-side with your team, providing real-time guidance during incidents and ongoing coaching.
Human-led, hands-on-keyboard response acts as an extension of your security team and ensures threats can be mitigated even when your team is unavailable
Red Canary publishes Intelligence Profiles within our customer portal. These profiles are produced by the Red Canary Intelligence Team and describe threats and summarize the behaviors associated with them. These profiles are associated with potentially threatening events, confirmed threats, and other data throughout Red Canary.
Red Canary offers table top and on-demand exercises that enable teams to continuously train for real-world situations.
Atomic Red Team is a library of tests pioneered by Red Canary and now managed by an active open source community that every security team can execute to simulate adversarial activity and validate their defenses. Tests are focused, have few dependencies, and are defined in a structured format that can be used by automation frameworks.