The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Detecting All the Things with Limited Data
Threat Hunting for PsExec, Open-Source Clones, and Other Lateral Movement Tools
Red Team vs Red Canary: How Sparring with Customers Improves Security
How the OODA Loop Can Help Improve Detection Speed and Accuracy
Category: Product & Technology
Defense evasion: why is it so prominent & how can you detect it?
Meet Todd Gaiser: detection engineering extraordinaire
FrameworkPOS and the adequate persistent threat
Adversaries use scripting more than any ATT&CK technique except PowerShell
Four tools to consider if you’re adopting ATT&CK
Threat analysis: Regsvr32 is the third most popular ATT&CK technique
Connection Proxy Ranks Fourth Among ATT&CK Techniques
Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!