The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Exploring the phases of incident response: visibility, containment, & response
Evaluating Endpoint Products in a Crowded, Confusing Market
From overwhelmed to obsessed: one security professional’s EDR journey
VMware Carbon Black technology: a look forward, from the past
Select Topic
The Third Amigo: detecting Ryuk ransomware
PUP training: the importance of detecting potentially unwanted programs
The Attribution Game: When Knowing Your Adversary Matters
Trapping the Netwire RAT on Linux
Introducing Chain Reactor
Detecting attacks leveraging the .NET Framework
Uncompromised: An AutoIT worm living off the land
Red Canary in 2020: looking ahead
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog