Resources Blog Product updates

Introducing Red Canary Active Remediation

With Active Remediation, Red Canary experts contain and remediate threats on your endpoints, 24/7

Alex Spiliotes
Originally published . Last modified .

Effective threat response requires specific skills and knowledge, both deployed as fast as possible. When teams are stretched thin, though, one or more of the necessary pieces isn’t in place.

Small teams often don’t have the skills or knowledge necessary to respond with confidence.

Larger teams consumed with other priorities often aren’t ready to respond to threats immediately and with precision.

At Red Canary we obsess over minimizing the time it takes for our customers to detect and respond to threats. That’s why we are excited to announce Active Remediation, a service in which our experts remediate cyber threats on your endpoints 24/7, using a combination of hands-on-keyboard expertise and automation.

Record, Detect, and Investigate all lead to Respond and Remediate

How it works

  1. When Red Canary confirms a threat on your endpoints, we immediately run automated responses that are customized for your environment.
  2. Our detection engineers—the experts who confirmed the threat—escalate the detection to our Incident Handling Team, who begin hands-on remediation of the endpoint threats.
  3. We log all actions that we take on your endpoints so that when we’re done remediating, you can have full visibility into what we did and why we did it.
  4. We let you know when we’ve completed remediation, and our Incident Handling Team is available to walk you through the threat and remediation timeline in as much detail as you’d like.

Benefits

  • Add expertise to your team
    Let our experts go from guiding to doing. With Active Remediation, your Incident Handling Team gets to work the moment a detection is confirmed. Every second counts when responding to an incident, and Active Remediation ensures that our experts start containing and remediating on your endpoints as soon as possible.
  • Free up your staff
    We take even more off your team’s plate with Active Remediation. Which means that you and your staff get even more time to focus on more forward-looking, strategic projects. This translates to more time and more budget that you can allocate from hiring to other efforts.
  • Rest assured that your endpoints are in the best hands
    Sleep easier knowing that the experts in endpoint security have you covered 24/7 across the full endpoint threat lifecycle. We give you full transparency into all actions we take on your endpoints so that you can audit everything we do. And we work with you post-incident to help you make sure similar incidents don’t happen again in the future.

When is it available?

Active Remediation is currently available for organizations using Carbon Black or Microsoft as their EDR provider, and we’ll be rolling it out for organizations using other EDR providers very soon. Sign up here to stay up to date on availability.

Do you have any references?

Check out how Schumacher Homes reduced its mean-time-to-respond dramatically with Active Remediation. You can also check out the Active Remediation web page and infographic to learn more.

Effective threat response requires specific skills and knowledge, both deployed as fast as possible. When teams are stretched thin, though, one or more of the necessary pieces isn’t in place.

Small teams often don’t have the skills or knowledge necessary to respond with confidence.

Larger teams consumed with other priorities often aren’t ready to respond to threats immediately and with precision.

At Red Canary we obsess over minimizing the time it takes for our customers to detect and respond to threats. That’s why we are excited to announce Active Remediation, a service in which our experts remediate cyber threats on your endpoints 24/7, using a combination of hands-on-keyboard expertise and automation.

Threat Identification, Containment, and Remediation Process

How it works

  1. When Red Canary confirms a threat on your endpoints, we immediately run automated responses that are customized for your environment.
  2. Our detection engineers—the experts who confirmed the threat—escalate the detection to our Incident Handling Team, who begin hands-on remediation of the endpoint threats.
  3. We log all actions that we take on your endpoints so that when we’re done remediating, you can have full visibility into what we did and why we did it.
  4. We let you know when we’ve completed remediation, and our Incident Handling Team is available to walk you through the threat and remediation timeline in as much detail as you’d like.

Benefits

  • Add expertise to your team
    Let our experts go from guiding to doing. With Active Remediation, your Incident Handling Team gets to work the moment a detection is confirmed. Every second counts when responding to an incident, and Active Remediation ensures that our experts start containing and remediating on your endpoints as soon as possible.
  • Free up your staff
    We take even more off your team’s plate with Active Remediation. Which means that you and your staff get even more time to focus on more forward-looking, strategic projects. This translates to more time and more budget that you can allocate from hiring to other efforts.
  • Rest assured that your endpoints are in the best hands
    Sleep easier knowing that the experts in endpoint security have you covered 24/7 across the full endpoint threat lifecycle. We give you full transparency into all actions we take on your endpoints so that you can audit everything we do. And we work with you post-incident to help you make sure similar incidents don’t happen again in the future.

When is it available?

Active Remediation is currently available for organizations using Carbon Black as their EDR provider, and we’ll be rolling it out for organizations using other EDR providers very soon. Sign up here to stay up to date on availability.

Do you have any references?

Check out how Schumacher Homes reduced its mean-time-to-respond dramatically with Active Remediation. You can also check out the Active Remediation web page and infographic to learn more.

 

Subscribe to our blog