The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Lateral Movement Using WinRM and WMI
Detection Engineering: Setting Objectives and Scaling for Growth
Exploring the phases of incident response: visibility, containment, & response
Select Topic
Researchers, Assemble! Why Red Canary is a Founding Sponsor of MITRE’s Center for Threat-Informed Defense
ATT&CK T1501: Understanding systemd service persistence
Debriefing ATT&CKcon 2.0: Five great talks at MITRE’s ATT&CK conference
From overwhelmed to obsessed: one security professional’s EDR journey
Detecting SharePoint attacks via worker process activity
Data sources, Linux detection, and more at ATT&CKcon 2.0
Using visibility to gather context and find persistence mechanisms
Expediting false positive identification with string comparison algorithms
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog