The Red Canary Blog

Security teams need an ally to help defend against adversaries. Check out our blog for tips on increasing visibility, expanding detection coverage, and improving information security.
Four tools to consider if you’re adopting ATT&CK
Shutting Down OSX/Shlayer
Goalkeepers Win Games: How a Change in Mindset Can Help Defenders Be More Effective
Evaluating Endpoint Products in a Crowded, Confusing Market
Select Topic
Four tools to consider if you’re adopting ATT&CK
Threat analysis: Regsvr32 is the third most popular ATT&CK technique
Connection Proxy Ranks Fourth Among ATT&CK Techniques
Testing the Top MITRE ATT&CK Techniques: PowerShell, Scripting, Regsvr32
Spearphishing Ranks Fifth Among ATT&CK Techniques
Threat Hunting in Linux for Indicators of Rocke Cryptojacking
Getting Started with ATT&CK? New Report Suggests Prioritizing PowerShell
Are You Using Tabletop Simulations to Improve Your Information Security Program?
We’re always looking for new experts to contribute interesting perspectives and improve our blog. Email us at with article pitches, feedback, or just to say hello!

Subscribe to our blog