Skip Navigation
Get a Demo
 
 
 
 
 
 
 
 
 
Resources Blog Product updates

Introducing Linux EDR Response Actions

Opt-in to automated response you can trust within your Linux environment.

Kevin Gee

When it comes to Linux, we recognize that it is often our customer’s production systems that we are aiming to protect. With that in mind, we’ve been very careful in how we develop our Linux EDR agent and the type of capabilities it supports. We previously chose to not include automated remediation as a feature of our agent to ensure our customers maintained full control of their Linux production environments and could trust that our agent would not negatively impact or degrade the service of their critical infrastructure. However, our customers have made it clear that they want automated responses as a feature option because they value and trust our ability to correctly identify and respond to threats safely.

Red Canary is proud to introduce a new plug-in option for Linux EDR customers to support automated response actions. Sticking with our ethos, this plugin is disabled by default so customers will need to opt-in by specifically enabling the plugin in their portal. Once enabled, customers will be able to configure playbooks with automated response actions or take manual actions when reviewing threats on the timeline. We are starting with support for file deletion and retrieval and will be adding additional responses in the near future. This feature is available now to all Linux EDR customers.

If you’d like to learn more about how to enable the response actions plugin in your portal, please see our help center article. If you just have questions about Linux EDR and its response capabilities, please reach out to your Customer Success Manager. In the meantime, take a look at the file deletion response in action:

 

 

Red Canary partners with ExtraHop

 

Jamf and Red Canary: Working together for expert level security

 

Dark Canary Rises

 

Integration update: Okta Workforce Identity, Cisco Umbrella, Palo Alto Networks Wildfire and Threat Prevention

Subscribe to our blog

 
 
Back to Top