We're always looking for new ways to solve more of your problems with the data we use for operations purposes. We look for the problems that typically force you to buy an entirely new tool solely for 10% of the functionality.
A great example of this is File Integrity Monitoring. A key component of many security programs is identifying modifications to specific files or paths. These may be critical system files, paths containing valuable intellectual property, or files that must be tracked for regulatory or compliance purposes.
Red Canary is uniquely positioned to solve that problem because we're observing file modifications and leverage a detection engine that can pull double duty by identifying file modifications of interest.
Launching today to select customers is Red Canary's File Monitoring Insight. Getting started is as simple as defining specific paths and what operation (create, modify, delete) you care about.
Let's say we want to watch for any changes to the
.ssh directories on our MacOS and Linux endpoints. Creating the monitor is simple:
Your File Monitoring Insight then reports any activity that matches any of your monitors. The Insight includes content about the activity including the endpoint, user, and process, as well as links into your Endpoint Detection and Response (EDR) platform to aid your investigation.