A user experience designed to simplify everything from deployment through response.
Deploy in seconds.
Windows, Mac OS X, and Linux; native, virtualized, or in the cloud. Most customers get started in less than an hour.
Exactly what you need to know.
Your Red Canary portal is clear, concise, and helps you understand your organization and respond to threats. We promise not to overwhelm you with useless features, graphs, and charts.
Integrate with everything.
Red Canary integrates freely into your workflow through APIs and our email, SIEM, and webhook connectors.
Quickly see everything that happens on every one of your endpoints.
Our kernel sensor proactively records and maintains the relationships of immense amounts of endpoint activity while using less than 1% of CPU and 8Mb of RAM.
Tag your endpoints by region, purpose, business unit or any other type of organizational information. You’ll then see that tag whenever we detect a threat to that endpoint.
Quickly ascertain what users are active on your endpoints, what applications they are using, and inventory your assets.
The most comprehensive and strategic endpoint threat detection technology on the market.
1. Multi-Dimensional Threat Detection.
Red Canary combines binary analysis, behavioral analysis, analytics, and threat intelligence to identify threats.
2. Automated Threat Hunting.
Our Threat Detection Engine uses all four detection technologies to continually analyze every piece of endpoint activity in search of threats.
3. Automated Correlation.
The Threat Detection Engine correlates the events it identifies by endpoint. A multi-stage attack might have 10-20 unique events that are all linked together automatically, in real time.
4. Automated Risk Scoring.
Each grouping of events is assigned a risk factor. Groupings with a high likelihood of danger are prioritized to the top of our analyst’s queue for immediate review.
What we detect
Red Canary detects a wide variety of threats to your organization, including:
- 0-day threats
- Multi-stage attacks
- Obfuscated executables
- SSL MITM
- Lateral movement
- Insider threats
- Abnormal user behaviour
The intelligence and tooling you need to respond to a threat within 90 seconds.
Red Canary delivers an unmatched ability to instantly understand the root cause of every event on an endpoint with its process tree visualization. Incident response takes a fraction of the time it used to.
Our intuitive detections categorize threats and show how we detected them and which endpoints are affected. Every detection includes a timeline that weaves together indicators of compromise with relevant endpoint activities so you understand the threat and how to respond.
Automated Response from Anywhere.
Responding to threats with Red Canary is simple: isolate the endpoint, craft a response plan, and execute using point-and-click tooling. As long as your employees are connected to the Internet, you can remotely respond to a threat regardless of where they are located.
The experience, management and continuous involvement demanded by advanced security.