investment firm information security

An Investment Firm’s Information Security Strategy: Layering Multiple Partners for a Robust Line of Defense

Suzanne Moore

Cybercriminals attacked the financial services sector more than any other industry last year. A recent research report found that 75% of the top 20 U.S. commercial banks (by revenue) are infected with malware. And another analysis on cyber risk management found that 69% of incidents went undetected by financial security teams for weeks to months. So what is the best line of … Read More

Lack of visibility

Common Security Mistake #1: Lack of Visibility

Phil Hagen

Even mature security teams sometimes make mistakes. This series of blog posts will address common mistakes based on real-world engagements with teams of all sizes and maturity levels. The author, Phil Hagen, is a long-time information security strategist, digital forensics practitioner, and SANS Certified Instructor. Part of Phil’s role at Red Canary is to educate organizations about ways to solve problems … Read More

cost of endpoint detection and response

What’s the Cost of Endpoint Detection & Response?

Suzanne Moore

Every security team is constrained by staff and budget. It’s not surprising, then, that one of the most common questions we hear from security teams is around the cost and ROI of an Endpoint Detection & Response (EDR) investment. For every company considering EDR, it is important you know that it’s far from being a “set it and forget it” … Read More

Outsourcing Security Services

5 Reasons for Outsourcing Security Services

Cory Bowline

Every organization needs to detect threats and immediately respond. But building a detection and response capability requires significant investments and many organizations struggle to assemble the required pieces. The tools are rarely the problem; the hard part is finding a team of experienced analysts, researchers, investigators, and engineers that know how to operate and improve this capability. And while the underlying … Read More

Evaluating MSSPs

Considering an MSSP for Managed Detection and Response? Read this first.

Suzanne Moore

Until recently, organizations that have lacked the resources to build an internal detection and response capability have had few options. They could either (a) purchase an advanced product without properly staffing it; (b) attempt to hire; or (c) use the traditional outsourcing option of a Managed Security Service Provider (MSSP). Last year, Gartner identified Managed Detection and Response (MDR) as … Read More

Carbon Black Response How-tos

How to Baseline and Inventory an Environment in Minutes with Carbon Black Response + Surveyor

Keith McCammon, Chief Security Officer

Years ago, as Red Canary began to scale security operations atop the Carbon Black (Cb) Response platform, we immediately started to identify some common use cases: Incident response and investigations Root cause analysis Inventory Cb Response was built for the express purpose of supercharging the incident response process. Instead of painstakingly collecting terabytes of data that need to be loaded, … Read More

Threat Prevention Not Working

What to Do When Threat Prevention Fails (Hint: It Always Does)

Phil Hagen

Since the dawn of modern information security in the mid-1990s, the industry has been fixated on how to prevent bad things from happening. Yet even a cursory review of headlines shows we’ve not made much meaningful progress toward this goal since then. The bad guys continue to “get in” and cause damage to victims. However, security professionals realize this does … Read More