The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Invoke-Atomic leaves the nest
Comparing open source adversary emulation platforms for red teams
Introducing Chain Reactor
Testing initial access with “Generate-Macro” in Atomic Red Team
Select Topic
Practical ways to teach the basics of cybersecurity to children
Process Injection: a primer
Keeping tabs on Blue Mockingbird
Hello world: on finding my voice
Test your visibility into the top 10 ATT&CK techniques
Exploring the 3 phases of incident response
A guide to evaluating EDR security tools
Endpoint security: what’s changed and what hasn’t?
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog