Managed Endpoint Detection and Response


Red Canary includes the technology, process, and expertise to detect attacks and stop breaches without burdening your security teams:

Red Canary Collects All Endpoint Activity


Endpoint Sensors

Visibility into activity across your organization is foundational to threat detection and response. Red Canary uses Carbon Black’s market-leading lightweight sensor to continuously record the activity on your laptops, workstations, and servers, including network connections to and from your systems.


Monitoring & Management

True endpoint security requires a significant amount of infrastructure and support. Your team should not be spending time checking server health, patching software, and monitoring performance. Red Canary’s fully hosted and managed solution removes all infrastructure and engineering burdens from your team.


The Detection Engine Hunts for Potential Threats


Application Behavioral Analysis

An attacker must take several actions to accomplish their objective. Red Canary hunts for hundreds of different patterns of behavior, including execution from abnormal filesystem locations, modification of user accounts, hiding processes from a logged-in user, and an ever-growing list of hundreds more.



User Behavior Analytics

Red Canary builds and continuously updates a baseline of your environment. Every process execution is compared with the baseline to identify unusual activity such as user activity on new endpoints or at abnormal times of day.



Threat Intelligence

MD5s, IP addresses, and domains are checked against threat intelligence sources for potential matches. This includes cross-referencing the entire Red Canary IOC database from historical threats detected across our customers.



Binary Analysis

Red Canary inspects every binary that executes in your environment. This includes examining the binary’s code and assessing reputation and pedigree information.


Threat Research

Red Canary’s Threat Research Team and Security Operations Center constantly evaluate and improve detection coverage against the newest attacker tactics and techniques.

Malware analysis and teardowns using static analysis and sandbox execution are commonly used to determine the tactics, techniques, and procedures used by the latest attackers. Everything we learn results in new techniques for detection.


Red Canary SOC Investigates Potential Threats


Investigative Tools

Once a potential threat has been identified, a fast and comprehensive triage is essential. Event correlation and enrichment help Red Canary Threat Analysts determine the legitimacy of the threat and its severity.



Tuning and Feedback

As a byproduct of the Threat Analyst triage, the Red Canary Analysis Platform collects feedback on suppression, threat scoring, and detection fidelity. Every decision a Red Canary analyst makes teaches the Detection Engine to be more accurate and efficient.



Threat Analysts and Forensicators

Red Canary Threat Analysts investigate every potential threat surfaced by the detection technology. Analysts have a deep understanding of application and process behaviors across various operating systems and how threats manifest themselves on your endpoints.


You Respond with Power


Actionable Detections

When you receive a threat detection from Red Canary, you know it has been triaged by a human and requires immediate action. Red Canary detections come with the intelligence you need to understand exactly what is happening on your endpoint.



Isolation and Response

Every Red Canary detection includes the response actions that you need to control the threat: isolating the endpoint, killing processes, deleting files, capturing files, deleting registry modifications, and banning binaries.



Integrations

Red Canary’s open API easily supports integration across your existing security tools. Your Technical Account Manager ensures that Red Canary threat detections and endpoint telemetry are properly integrated into your security program.


Technical Account Management

Red Canary Account Managers are an extension of your team. They support your incident response efforts by answering questions about detections and can provide guidance on remediation.

