Detection and response

The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Invoke-Atomic leaves the nest
Comparing open source adversary emulation platforms for red teams
Introducing Chain Reactor
Testing initial access with “Generate-Macro” in Atomic Red Team
Topics (1)
Detecting COR_PROFILER manipulation for persistence
Introducing Blue Mockingbird
Lateral Movement with Secure Shell (SSH)
2020 Threat Detection Report: the conversation continues
Worms shape the narrative in Red Canary’s 2020 Threat Detection Report
What F1 racing can teach us about telemetry
The Third Amigo: detecting Ryuk ransomware
PUP training: the importance of detecting potentially unwanted programs
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog