Your Red Canary team is a part of your security team and exists to ensure your organization is best able to achieve its goals without disruption or distraction. 

For some teams with dozens of security staff, Red Canary is a specialist, serving a specific part of your program. For teams with only one or two IT or security professionals, Red Canary serves in a broader role.

Regardless of your team’s size or scope, your Red Canary team is here to serve and improve your program.

Viewing your Red Canary team

You can view the names and contact information for the members of Red Canary that you primarily interact with.

To view your Red Canary team:

1. Click your profile > Help.
2. The names and contact information for your Red Canary team are listed on the right.

Getting to know your Red Canary team

There are many teams at Red Canary working in concert to defend your organization. Here are a few that you’ll most commonly interact with as we work together:

Sales Representatives & Customer Solutions Engineers

Your sales rep and customer solutions engineers (CSE) are your allies during your exploration of Red Canary. They will understand your needs, other solutions you’ve considered, and whether Red Canary is a good fit for your organization. 

During an evaluation, they will help you define success criteria and help you be confident that Red Canary will fit your needs. This can be done through integrations, testing detection and response with Atomic Red Team, or a variety of other exercises.

Incident Handlers

When an incident occurs, it is not always obvious what to do. Your incident handler is on-call when you need help and provides proactive security architecture and engineering guidance. You’ll typically engage with your incident handler in three primary ways:

• Independent security consultations: Your incident handler loves nothing more than to improve security programs. They are here to help guide you through general security engineering questions or concerns.
• You ask for help: Your incident handler is on-call 24/7/365 if you need help with  investigation support, remediation guidance, or other topics.
• Proactive outreach: Your incident handler will proactively communicate with you if Red Canary identifies a critical threat requiring immediate action. You can tell us how to best communicate with you on your Company Profile.

Customer Success Managers

Your customer success manager (CSM) is your ally, helping you get the most out of your time with Red Canary. Whether onboarding during your first few days with us, periodic business reviews, or anything else in between, your CSM is your primary point of contact at Red Canary.

Detection Engineers

Detection engineers on the Red Canary Cyber Incident Response Team (CIRT) investigate potential threats 24/7/365 using the Red Canary analyst workbench to remove false positives, classify confirmed threats, and provide a detailed timeline of events. They also develop and improve Red Canary behavioral analytics in collaboration with the Intelligence team.

If you ever have a question about why a specific detection was confirmed as threatening, or you are interested in the analytics we used to identify that behavior, your incident handler will get the right detection engineers together to answer your question.

Intelligence Analysts & Threat Researchers

The Red Canary Intelligence and Research teams are responsible for ensuring and improving coverage for attacker behaviors. They do this by performing threat research, analyzing intelligence, and maintaining our detection roadmap.

If you ever have a question about whether Red Canary has coverage or knowledge about a specific threat, ask your incident handler and they’ll get you an answer from the Intelligence team.