For customers with a Red Canary subscription, managed detection and response (MDR) currently comprises threat investigation capabilities across many security products:
| Provider | Supported Platform | Class of Security Data | Ingestion Method(s) |
| Amazon |
GuardDuty |
Cloud |
API poll |
| Cisco |
Firepower |
Network |
|
| Cisco |
Umbrella |
Network |
|
| Darktrace |
Enterprise Immune System |
Network |
|
| Dragos |
Platform |
Operational Technology (OT) |
Syslog |
| Fortinet |
FortiGate |
Network |
Syslog |
| Microsoft |
Azure Active Directory Identity Protection |
Identity |
API poll (via Microsoft Graph) |
| Microsoft |
Defender for Identity |
Identity |
API poll (via Microsoft Graph) |
| Microsoft |
Office 365 Security and Compliance |
API poll (via Microsoft Graph) |
|
| Okta |
Workforce Identity |
Identity |
API poll |
| Palo Alto |
PAN-OS |
Network |
Syslog |
| Palo Alto |
Threat Prevention |
Network |
Syslog |
| Palo Alto |
WildFire |
Network |
Email and Syslog |
| Proofpoint |
Targeted Attack Protection (TAP) |
API poll |
Comments
0 comments
Please sign in to leave a comment.