
Red Canary’s best of 2023

Take a look back at the research, tools, videos, and other educational resources we’re most proud of this year.

Susannah Clark Matt

Many of us spent 2023 on the road. Taylor’s Eras Tour, Beyoncé’s Renaissance, and Red Canary’s Threat Detection Series Live! all had equal cultural impact. But for every Canary you spotted hamming it up at RSA and Black Hat, dozens more had hands-on-keyboard, thwarting threats and living to tell the tales. From “hot vuln summer” to Qbot’s apparently short-lived takedown, here is the best content Red Canary produced in 2023.

Best new blogs

These were the most read, most shared, and most discussed articles we published in 2023.

  1. Introducing Red Canary Mac Monitor

  2. Why Taylor Swift fans should work in cybersecurity

  3. Investigating legacy authentication: The curious case of “BAV2ROPC”

  4. eBPF: A new frontier for malware

  5. Adversaries exploit Confluence vulnerability to deploy ransomware

Best legacy blogs

These classics still get steady traffic each month, remaining relevant in some cases years after publication.

  1. Raspberry Robin gets the worm early (from 2022)

  2. Frankenstein was a hack: the copy/paste cryptominer (from 2019)

  3. Detecting suspicious email forwarding rules on Office 365 (from 2022)

  4. The Goot cause: Detecting Gootloader and its follow-on activity (from 2022)

  5. Windows Registry attacks: Knowledge is the best defense (from 2017)

Best educational resources

These are some of our flagship resources to help defenders figure out which threats to prioritize while fine-tuning their detection capabilities.

  1. Atomic Red Team

  2. The 2023 Threat Detection Report

  3. Incident Response & Readiness Guide

  4. How to increase visibility and improve cloud security

  5. Crash course on Microsoft Defender for Endpoint

Best webinars

After taking our beloved Threat Detection Series on the road, we adapted all of the in-person talks into on-demand webinars hosted throughout the year. Here are the most popular educational videos of 2023:

  1. The Detection Series: PowerShell

  2. Grand Theft Creds: Info-stealing malware edition

  3. Train hard, fight easy: Fast, effective response to modern threats

  4. Get in loser, we’re detecting threats

  5. Drop it like it’s Qbot


Best escape from our tortured reality

What better way to cope with a never-ending stream of bleak headlines than to pretend to be someone else? With help from our friends at Black Hills Information Security, Red Canary released a custom expansion pack for the Backdoors and Breaches role-playing game. Watch our playthrough and spin up your own game using the online version.


Much more in 2024

May your days be merry and incident-free. We’ll be ringing in the new year listening to Threat sounds vol. 3 (now taking requests for next year’s playlist!). We look forward to supporting the security community throughout 2024 and beyond.

