Red Canary exists to help our customers dramatically improve their security. The biggest way we do that is by activating a full Endpoint Detection & Response capability. That capability combines technology to detect interesting events, a security operations team that investigates and confirms threats, and a platform that allows for fast response.

As we improve our customers' security, they mature and want to look behind the curtain at the raw "events" Red Canary identifies in the continual streams of activity we process.

We're excited to expose this information to a select group of our customers who want to incorporate this data into the rest of their security stack. Our Incident Handlers are excited to help them take advantage of this deeper level of insight that exposes:

  • Every potentially interesting event that Red Canary's behavioral detection, analytics, threat intelligence, and other detection techniques identify
  • Information about the techniques we used to detect those events, including the statistical likelihood of how much impact that event will have on your organization.
  • Access to one of the most powerful features of the Red Canary platform: our Suppression Engine. This API allows users to specify criteria that are acceptable within their environment and prevent those events from being raised in the future.

Learn more in your Red Canary portal at Administration > API > Events or talk to your Incident Handler.
