The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Detecting All the Things with Limited Data
Threat Hunting for PsExec, Open-Source Clones, and Other Lateral Movement Tools
Red Team vs Red Canary: How Sparring with Customers Improves Security
How the OODA Loop Can Help Improve Detection Speed and Accuracy
Select Topic
Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32
Spearphishing Ranks Fifth Among ATT&CK Techniques
Threat Hunting in Linux for Indicators of Rocke Cryptojacking
Getting Started with ATT&CK? New Report Suggests Prioritizing PowerShell
Are You Using Tabletop Simulations to Improve Your Information Security Program?
Previewing RSA Conference: 10 Talks to Attend
Shutting Down OSX/Shlayer
Defense Evasion and Phishing Emails
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog