2025 Threat Detection Report: Practitioner playbook
Inspired by our newly released Threat Detection Report, here are five things defenders can do right now to strengthen their security posture.
The Red Canary Blog: Information Security Insights
Intelligence Insights: March 2025
1 week 6 days ago
Worms break ground and fake browser updates march forward in this month's edition of Intelligence Insights
The Red Canary Team
What does Google’s $32B acquisition of cloud security startup Wiz mean for security operations?
1 week 6 days ago
Cloud security is a rapidly accelerating challenge for security operations—a trend highlighted in our 2025 Threat Detection Report.
Keith McCammon
Identity attacks and infostealers dominate the 2025 Threat Detection Report
2 weeks 1 day ago
Our annual analysis brings you a year’s worth of security operations and intelligence insights, with actionable guidance on every page.
Susannah Clark Matt
Red Canary named a Leader in MDR
3 weeks 6 days ago
We wrote the playbook on detection-as-code detection engineering. Forrester now recognizes us among top vendors in the MDR market.
Kelly Horsford
Dive into the Red Canary Security Data Lake
4 weeks 2 days ago
Red Canary now offers cost-efficient data storage that improves your security posture. Learn more about our new Security Data Lake offering.
Dylan Solomon
Polishing Ruby on Rails with RSpec metadata
1 month ago
RSpec metadata helps Red Canary’s engineers generate clean and consistent tests in our Ruby on Rails application
Tom Bonan
Intelligence Insights: February 2025
1 month 1 week ago
Infrared Ibis infiltrates Chrome extensions and Saffron Starling surprises in this month's edition of Intelligence Insights
The Red Canary Team
Defying tunneling: A Wicked approach to detecting malicious network traffic
1 month 2 weeks ago
Follow the yellow brick tunnel for malware analysis of RATs and worms and spyware, oh my! Read our deep dive on network tunneling.
Tony Lambert
CopyObjection: Fending off ransomware in AWS
1 month 3 weeks ago
Why automated response is a necessity to thwart ransomware attacks in Amazon Web Service cloud environments
Jesse Griggs
The unusual suspects: Effectively identifying threats via unusual behaviors
2 months ago
In the world of identity, cloud, and SaaS, we must move beyond detecting explicitly malicious behaviors to detecting unusual behaviors.
Sam Straka
Intelligence Insights: January 2025
2 months 1 week ago
DarkGate returns and the Tangerine Turkey VBS worm peels off of USBs in this month's edition of Intelligence Insights
The Red Canary Team
Tangerine Turkey mines cryptocurrency in global campaign
2 months 1 week ago
Named by Red Canary, Tangerine Turkey is a VBscript worm delivered via USB that ultimately drops a cryptomining payload
Stef Rand
What we learned by integrating with Google Cloud Platform
2 months 1 week ago
An engineer behind Red Canary’s GCP integration recounts how we remodeled our detection engine to ingest millions of new telemetry logs
Whil Piavis
Incorporating AI agents into SOC workflows
2 months 2 weeks ago
With the right guardrails, AI agents quantifiably improve speed in your security operations center, without compromising accuracy
Jimmy Astle
Shrinking the haystack: The six phases of cloud threat detection
2 months 3 weeks ago
Red Canary parses through 6 billion telemetry records per day to detect threats in our customers’ cloud environments. Here’s how we do it.
Brian Davis
Shrinking the haystack: Building a cloud threat detection engine
2 months 3 weeks ago
A step-by-step guide to building a framework for ingesting billions of cloud telemetry records to detect and respond to cyber threats
Brian Davis
Intelligence Insights: December 2024
3 months 1 week ago
Paste and run persists and HijackLoader cuts the line to drop LummaC2 in this month's edition of Intelligence Insights
The Red Canary Team
Red Canary’s best of 2024
3 months 2 weeks ago
As Red Canary wraps up our first decade, take a look back at our best blogs, videos, guides, and webinars of the year.
Susannah Clark Matt
A defender’s guide to identity attacks
3 months 2 weeks ago
Everything defenders need to know about identity attack technqiues and how to protect your users and assets
Laura Brosnan
Checked
8 hours 9 minutes ago