Skip Navigation
Get a Demo
Resources Blog Security operations

Deep Dive With Security Operations: Michael Haag

Cory Bowline
Originally published . Last modified .

Red Canary brings great talent to our Security Operations team to continually investigate threats, improve our detection coverage, and drive the development of our Analysis Platform.

If you’ve met anyone on our operations team, you know we don’t hire the typical run-of-the-mill security analysts. To bring you the best Managed Detection & Response, we hire the best. Without further ado: meet Michael Haag, Director of Advanced Threat Detection & Research on the Red Canary Detection Operations team.

Michael joined Red Canary from Danaher Corporation, a Fortune 150 global organization with dozens of operating companies spread around the world. His role was unique in that he architected the security program for Danaher in addition to handling day-to-day threat investigations and hunting activities. Michael brings extensive experience with Carbon Black Response that included a Cb Response + Splunk detection and investigation process. As one of the most advanced Response users, Michael has spoken at numerous conferences and user exchanges sharing the power of endpoint visibility, detection, and response.

“Michael is at the top of the list when it comes to endpoint detection and response experts. He brings a really rare combination of strategic vision and technical expertise and understands all of the security problems inherent with a global organization. Every one of our customers would want Michael on their team – we’re excited to bring his skills to every one of them.”

– Keith McCammon, Red Canary Chief Security Officer

Before Danaher, Michael worked at SAIC/Leidos as a Cyber APT Hunter in their MSSP division. During his time there, he supported over 50 DoD and commercial customers and defined advanced detection capabilities in multiple SIEM products to ensure detection coverage across the full spectrum of threats.

“What I love about Red Canary is that is it not just another monitoring company or MSSP,” Michael said. “From the founders to the accounting team, everyone cares passionately about making customers’ security better. Combine that with the most comprehensive and scalable tech I’ve seen for detection, triage, and response (and I’ve seen most of the other options out there) and we have a platform I’m excited to work with every day. Nothing beats being able to help companies detect these attacks that they’d be blind to otherwise


Engineering a MDR solution for Microsoft Azure


The benefits of GenAI by SOC function


Manage your SOC like a product


The RSA Conference talks we’re looking forward to most

Subscribe to our blog

Back to Top