Security Architect Lessons: What I Learned Managing and Assessing Cyber Risk at a Fortune 200

Michael Haag

I worked as the security leader of a global Fortune 200 organization for two years, where I was responsible for cyber security strategy, architecture, and risk reduction during an extended phase of rapid growth and acquisition. I focused on ensuring we had visibility across the most vital layers while working with each entity to mature their security posture and address …

Cut Your Time to Respond With Red Canary + PagerDuty

Brian Beyer

Over the years, our customers have integrated Red Canary detection notifications into a variety of tools. A few of the more common integrations include: shared incident response email lists; webhooks into JIRA issue tracking systems; Syslog into SIEMs; Splunk using the Red Canary API. Today, we are excited to announce our newest integration and partnership: PagerDuty. Red Canary customers can now instantly receive threat …

Improving Incident Response with Autonomous System Numbers

Phil Hagen

Once the sole domain of network operations teams, the Autonomous System Number has become a valuable data point for the digital forensic and incident response team as well. Autonomous System Numbers, or AS Numbers, designate the owner of blocks of IP addresses. For example, an ISP like Comcast Communications owns thousands of net blocks consisting of millions of IP addresses – …

Integrating Red Canary & Sumo Logic

Keith McCammon, Chief Security Officer

A key step in the Red Canary on-boarding process is understanding customers’ processes and tools so we can configure integrations that minimize the need for IT and security analysts to break workflow and access yet another system. When everything from our context-rich detections to raw endpoint telemetry is integrated with your existing systems, you get immediately useful context without needing to learn a new tool or workflow. We are going …