Red Canary can add comments to alerts and update their states for several supported alert sources. This is known as "state and comment synchronization".
Red Canary supports state and comment synchronization for the following alert sources:
- CrowdStrike Falcon Insight: EDR
- Elastic Security
- Microsoft Defender for Endpoint
- Microsoft Azure Sentinel
- Microsoft Graph V2
- SentinelOne
Note: Even if Red Canary supports your alert source, you still need to enable the platform in your alert source configuration.