To view Detection Analytics (Detectors), click Analytics from the navigation menu. Here, you’ll find a list of threats observed by Red Canary, a brief description of the threat, and the attack techniques observed. This list shows what types of threats Red Canary is looking for when ingesting your telemetry.
Click Attack Techniques to view a heatmap, similar to the Heatmap found under Threats, that shows MITRE ATT&CK™ tactics and techniques Red Canary observes to discover potentially threatening events and active threats in your data. Click Export Navigator Layers to view prevalent techniques over the past several years.
See what critical system information, such as system files and paths, are being modified by clicking File Activity Monitors. From here, you can create new file activity monitors and set up automation to be notified when a modification occurs.
To view software that Red Canary has observed in your organization and classified as Unwanted or may be unauthorized, click Applications. If a product is considered Unwanted by Red Canary but used in your organization, toggle the Status here to no longer receive threats when this product is observed.