A Guide to Evaluating EDR Security Products: 15 Critical Questions to Ask

Suzanne Moore

The EDR market is booming. A recent Gartner report found that the EDR market more than doubled in 2016, and another analysis predicts the number of organizations using EDR security products will triple over the next five years. However, growth does not come without challenges. Many security teams struggle to define the right questions to ask when looking to add EDR … Read More

Encode All the Things! Investigating PowerShell Attacks

Joe Moles

The year 2016 saw an ever-increasing level of malware authors focusing on default tools built into the operating system. For example, the increase of PowerShell in use today has led many malware authors to work out interesting ways to avoid detection by encoding and obfuscating their methods. To aid security professionals in investigating PowerShell attacks, Red Canary wants to share how … Read More

Security Architect Lessons: What I Learned Managing and Assessing Cyber Risk at a Fortune 200

Michael Haag

I worked as the security leader of a global Fortune 200 organization for two years, where I was responsible for cyber security strategy, architecture, and risk reduction during an extended phase of rapid growth and acquisition. I focused on ensuring we had visibility across the most vital layers while working with each entity to mature their security posture and address … Read More

Improving Detection and Response: Can Thinking Backward Move Your Security Forward?

Chris Rothe

Recently I’ve been pondering a way of thinking about detection and response. In my mind it is called “Response-Enabled Detection” and it reminds me of the golf strategy of playing a hole backwards. Most of us amateur golfers stand on the tee box and try to pick a spot to hit the ball based on our current perspective. From there … Read More

Endpoint security vs network security

Endpoint Security vs Network Security: Where to Invest Your Budget

Phil Hagen

We frequently receive variations of one question in particular: If I can only invest in one kind of visibility solution, should it be a network or endpoint solution? As an endpoint-focused company you may expect we provide a neatly canned, knee-jerk response favoring our platform. However, the reality is never that simple. As you might expect, each of these platforms … Read More

Build vs. Buy: Not Mutually Exclusive

Keith McCammon, Chief Security Officer

The “build vs buy” debate in security technology has been argued so many times that there are few unique positions left to take. Builders prioritize flexibility and control, while buyers prioritize predictable performance, scale, cost, and results. The debate continues not because there are groundbreaking arguments in favor of one or the other. The build vs buy debate continues because … Read More

Endpoint Detection & Response (EDR) Evaluation Guide: 13 Questions You Need to Answer

Cory Bowline

With endpoint security spending forecasted to grow annually by 48% through 2020, thousands of companies are including Endpoint Detection and Response (EDR) products and services in their security posture. During our discussions with many of those companies, we’ve seen many struggle to define the right questions to ask vendors in this newly developing market. We’ve compiled the following list of questions from both some of … Read More