Security Team Development

Building a Winning Security Team: Practical Tips on Training and Team Development

Phil Hagen

The most fundamental truth in information security is that we need smart people to do the most important parts of the job. Regardless of how many racks of servers, gazillions of dollars of software, or dozens of threat intel “feeds” we invest in, they won’t provide the slightest impediment to adversaries without real live humans to run the show. This …

Red Canary Threat Response

How an IT Service Provider and Red Canary Stopped a Malware Outbreak

Eric Groce

A technical account manager recounts how Red Canary partnered with an IT service provider to help one of their customers stop a rapidly spreading network worm. The article goes behind the scenes of the incident response effort and shares best practices to avoid a breach. Most IT service providers can relate to the following scenario: It’s an idle Thursday. You …

When Web Servers Go Cryptocurrency Mining

Tony Lambert

Miners and canaries have had a long and storied history, but Red Canaries aren’t too fond of miners. Cryptocurrency miners, that is. Recent booms in cryptocurrency values have made cryptocurrency mining an attractive way for anyone with a computer to earn some extra money. The trouble is, the average user would spend more money performing mining activities and paying for …

Cryptocurrency Trends

Cryptocurrency Trends: Will Ransomware Be Overtaken by Miners?

Joe Moles

This last year you couldn’t turn on the TV, look at social media, or visit your favorite internet news source without being faced with another story of a ransomware compromise. These attacks are highly destructive and largely driven by financial gain. Threat trends and methods to “make a quick buck” will continue, while new methodologies rise to the forefront. Based …

A Bird’s Eye View: Behind the Scenes of Beastmode

Dave Epperly

There’s a thing we do at Red Canary called BEASTMODE. No beating around the bush here; it’s a corporate all-hands. On a quarterly basis, the remote teams come to the Denver office and we spend three intense days together. The reason it’s called BEASTMODE is that in the very early days of the company, we’d spend endless hours in a single …

Threat Hunting With Entropy

Using Entropy in Threat Hunting: a Mathematical Search for the Unknown

Ben Downing

“Antivirus is dead” is a common refrain in the information security space, but if you look below the surface, what it really means is “atomic indicators are dead.” While there is value in static indicators, they are the bare minimum standard for detection these days and suffer from numerous drawbacks. Behavioral indicators are the next level, which use knowledge of …

Call to Arms: 4 Things Everyone in InfoSec Should Stop Doing Right Now

Joe Moles

While I’ve always been passionate about working in InfoSec, I can’t help but feel jaded about the way our industry approaches some things. We run around pointing fingers at each other with slander marketing, we use Twitter as an intel sharing platform, and we cry out that the sky is falling every time a researcher posts a new post exploit …