The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Four tools to consider if you’re adopting ATT&CK
Shutting Down OSX/Shlayer
Goalkeepers Win Games: How a Change in Mindset Can Help Defenders Be More Effective
Evaluating Endpoint Products in a Crowded, Confusing Market
Select Topic
Defense evasion: why is it so prominent & how can you detect it?
Meet Todd Gaiser: detection engineering extraordinaire
FrameworkPOS and the adequate persistent threat
Adversaries use scripting more than any ATT&CK technique except PowerShell
Four tools to consider if you’re adopting ATT&CK
Threat analysis: Regsvr32 is the third most popular ATT&CK technique
Connection Proxy Ranks Fourth Among ATT&CK Techniques
Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog