It’s a long-standing tradition to look back on the year as it gets ready to end. What were the moments that inspired us? What did we accomplish? And just as important, where did we fail and learn? As 2019 comes to a close, we’re not only ending a year—we’re ending a decade. We look back and see not just milestones, but seasons of transformation.
Red Canary has changed and evolved immensely since it was founded in 2013. Our business has grown and so have we. Our security team grew from a small Security Operations Center with talented analysts, to a world-class Cyber Incident Response Team (CIRT) comprised of detection engineers, incident handlers, and researchers. The Red Canary blog evolved from a grassroots assembly of infrequent submissions and just a few dozen subscribers, to a weekly publication complete with editors, writers, regular contributors, and thousands of readers across the security community.
This is a celebration of the journey we’ve taken together. To the readers and contributors who make our work possible, thank you. We hope you’ve enjoyed it as much as we have.
Top-read stories of all time
Are You Using Tabletop Simulations to Improve Your Information Security Program?
Threat Hunting for PsExec, Open-Source Clones, and Other Lateral Movement Tools
Lateral Movement Using WinRM and WMI
Red Canary Introduces Atomic Red Team, a New Testing Framework for Defenders
How to Use Windows API Knowledge to Be a Better Defender
How to Prevent Ransomware: 5 Practical Techniques and Countermeasures
Windows Registry attacks: Knowledge is the best defense
Passive DNS Monitoring – Why It’s Important for Your IR Team
How to Get an Information Security Analyst Job: Interview Questions, Answers & Advice (Part Two)
TOP STORIES OF 2019
Four tools to consider if you’re adopting ATT&CK
Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32
Stopping Emotet Before it Moves Laterally
Detecting All the Things with Limited Data
Top-read blog series
Red Canary ATT&CKs
Announcing our integration of MITRE ATT&CK™ across Red Canary in January 2018 was the start of something momentous. The comprehensive framework pervaded every part of Red Canary operations and our platform. It also gave new focus to our educational content, providing a roadmap for sharing research and lessons learned.
Editors' picks: top blogs
Tracking driver inventory to unearth rootkits
Suppressors 101: How to Filter Out False Positives
Slaying Evil Around the Clock with Red Canary’s Cyber Incident Response Team
Call to Arms: 4 Things Everyone in InfoSec Should Stop Doing Right Now
Editors' pick: top webcast
Break through the noise: how to take control of your incident response operations
One of the team's first "big" webcasts drew a whopping 38 attendees and nearly ran off course when panelist Joe Moles had to rush to the hospital midway through for a family emergency. The crisis was averted, and Joe finished the webinar from his firetruck. Memories aside, the timeless content is full of great tips for incident responders.
Released in 2019, our first annual threat detection report analyzed 10,000 confirmed threats across companies of all sizes and industries to shed light on the most prevalent ATT&CK techniques. Keep an eye out for the 2nd edition in early 2020.
DECADE IN REVIEW
To all of our readers and contributors: thank you once again. This post is a celebration of all that’s come before, and all that lies ahead. We can’t wait to see what the next decade brings. Happy New Year—and Decade!