Red Canary Exec: Security Automation and Orchestration Tools

Introducing Red Canary Exec, a New Security Automation Solution

Joren McReynolds

Threats can occur at any time of the day. They don’t care if you’re sleeping, if it’s the weekend, if you’re on vacation, or if you’re short-staffed. For many security teams, it’s a struggle to meet the time sensitivity requirements of containing and remediating threats. What happens when a threat hits your network at 3 a.m.? How do you enforce …

4 Strategic Approaches to Retaining Security Operations Staff

Frank McClain

Search the internet on the subject of “InfoSec talent shortage” and you will get enough results to keep you busy for a long time. But if you’re in management or another leadership role, you don’t need the internet to prove there’s a problem. You feel the pain every time you search for a good candidate to fill an open position, …

What Makes an Effective Security Architecture? (It’s Not More Products…)

Michael Haag

For much of the cybersecurity industry, purchasing new products every few years is the status quo for “staying ahead” of adversaries. We’ve built moats, extra high castle walls with barbed wire, added sharks with laser beams to the water, fortified the castle door—yet somehow, something evil still creeps its way in. The reality is, we need core cybersecurity products and …

Speared in a Click: Documents with Executables

Keya Horiuchi

Clicking on an attached document or link in an email can be the initial action that brings down a network. In the second it took you to read the first sentence, that click could have set off a chain of quiet, unseen commands. It could have executed PowerShell commands in the background, downloaded and executed additional payloads from an external …

Red Canary and Endgame Announce Partnership

Keith McCammon, Chief Security Officer

We are very excited to announce that Endgame and Red Canary have partnered to integrate Endgame’s endpoint telemetry into the Red Canary platform. Our teams have worked together for years on research, mapping adversary techniques to ATT&CK™, and most recently on designing Endgame’s streaming APIs for this integration. Endgame now supports the collection of not only process-level telemetry, but a …

SANS Endpoint Survey: Too Many Tools and Alerts

Keith McCammon, Chief Security Officer

The SANS Institute recently published the results of its annual Endpoint Protection and Response survey through a report written by Lee Neely and advised by Alissa Torres. The report includes a number of statistics and a long list of takeaways, but the key findings it uncovered are: We have too many tools. We have too many alerts. Neither of these …

3 Areas to Consider When Looking for a Managed Detection and Response Partner

Michael Haag

Gartner estimates that 15% of organizations will be using managed detection and response (MDR) services by 2020, up from less than 5% today. For many buyers (including myself), past bad experiences can make it difficult to consider outsourcing critical components of your security program. Whether the experience was caused by poor service, ineffective product, or a vendor who did not …