Incorporating AI agents into SOC workflows
With the right guardrails, AI agents quantifiably improve speed in your security operations center, without compromising accuracy
The Red Canary Blog: Information Security Insights
Shrinking the haystack: The six phases of cloud threat detection
1 week 2 days ago
Red Canary parses through 6 billion telemetry records per day to detect threats in our customers’ cloud environments. Here’s how we do it.
Brian Davis
Shrinking the haystack: Building a cloud threat detection engine
1 week 2 days ago
A step-by-step guide to building a framework for ingesting billions of cloud telemetry records to detect and respond to cyber threats
Brian Davis
Intelligence Insights: December 2024
4 weeks ago
Paste and run persists and HijackLoader cuts the line to drop LummaC2 in this month's edition of Intelligence Insights
The Red Canary Team
Red Canary’s best of 2024
4 weeks 2 days ago
As Red Canary wraps up our first decade, take a look back at our best blogs, videos, guides, and webinars of the year.
Susannah Clark Matt
A defender’s guide to identity attacks
1 month ago
Everything defenders need to know about identity attack technqiues and how to protect your users and assets
Laura Brosnan
Single sign-on, double trouble: Credential theft using AWS access tokens
1 month ago
SSO access tokens can buy adversaries more time as they exfiltrate credentials and other sensitive information from a victim’s AWS CLI
Jesse Griggs
The three keys to threat hunting
1 month ago
Over the last decade, we’ve built Red Canary’s threat hunting framework to be deliberate, proactive, and iterative
Darrell Bohatec
Red Canary: At the heart of your security operations
1 month 1 week ago
Red Canary's ecosystem of integrations and tech partnerships ensures you have the data, tools, and expertise to keep your organization safe.
Kelly Horsford
The dark cloud around GCP service accounts
1 month 1 week ago
Google Cloud Platform security: How our threat research team gets from “huh, that's weird” to robust detection coverage
Dave Bogle
Storm-1811 exploits RMM tools to drop Black Basta ransomware
1 month 2 weeks ago
Storm-1811's latest help desk scam begins with email bombing leading to IT impersonation and ends with Black Basta ransomware
Red Canary Intelligence
Safeguard your identities with Red Canary + CrowdStrike Falcon® Identity Protection
1 month 3 weeks ago
Stay ahead of modern adversaries with real-time identity monitoring, threat detection, and response from Red Canary and CrowdStrike Falcon
Kelly Horsford
Intelligence Insights: November 2024
1 month 3 weeks ago
LummaC2 sets the table and gobbles up sensitive information in this month's edition of Intelligence Insights
The Red Canary Team
Why CISOs under consolidation pressure are embracing Microsoft Security solutions
2 months ago
Microsoft’s unified security workloads, combined with Red Canary’s detection and response expertise, can simplify your security posture.
Cordell BaanHofman
Stealers evolve to bypass Google Chrome’s new app-bound encryption
2 months ago
In spite of Chrome’s new encryption feature, infostealers like Stealc, VIdar, and LummaC2 are still getting their hands in the cookie jar.
Keith McCammon
Explore the new Atomic Red Team website
2 months ago
The redesigned Atomic Red Team website features a new browser interface, improved search capabilities, and easier test execution
Phil Hagen
From the dreamhouse to the SOC: Ken’s guide to security
2 months ago
Unboxing some of the year’s most prevalent threats with detection and prevention guidance from Barbie’s boyfriend
Laura Brosnan
Artificial authentication: Understanding and observing Azure OpenAI abuse
2 months 2 weeks ago
Adversaries can compromise key material in Azure OpenAI to host malicious models, poison trained models, and steal intellectual property.
Matt Graeber
Intelligence Insights: October 2024
2 months 3 weeks ago
LummaC2 lurks thanks to PowerShell pasting in this month's edition of Intelligence Insights
The Red Canary Team
Apple picking: Bobbing for Atomic Stealer & other macOS malware
3 months 1 week ago
Your company’s Apple devices are ripe for attacks using macOS malware such as Atomic Stealer. Here’s what to look out for.
Laura Brosnan
Checked
5 hours 6 minutes ago