Your Red Canary platform brings together information critical for security operations. This includes both security event information and information about the endpoints and identities that make up your organization.
Red Canary provides a fast navigation (jump-to) system so you can quickly find the information you’re looking for in the Red Canary platform. Begin typing anything in the top bar, or press Ctrl/⌘-K.
What can I find with fast navigation?
The complete list of fields indexed for fast navigation is too long to include here, but you’ll be able to jump to:
- Pages, views, and reports by typing their name or keywords
- Usages of IP addresses, MAC addresses, or hostnames by typing any of those values
- Adversary techniques by typing their name, identifier (T1234), or keywords in their description
- Identities by typing their usernames, domain names, etc.
- Endpoints by typing their hostnames, IP addresses, MAC addresses, etc.
- Threats by typing keywords from their description, relevant process names, IP addresses, adversary techniques, etc.
- Analyzed events by typing the names, hashes, or paths of the associated process, adversary techniques, endpoint hostnames, identities, etc.
- Alert sources by typing their descriptive name, product name, etc.
- External alerts by typing the alert’s identifier or URL from its source platform, items from the alert’s correlation points or analysis context, hashes or paths of the associated process, endpoint hostnames, identities, etc.