Add an ally. Strengthen your defenses.
You don’t need time, expertise, or an army of security hires to build a 24/7 detection and response capability—you simply need Red Canary.
As VMware Carbon Black specialists, we ensure you get immediate return on your product investments, along with the added peace of mind of knowing an industry-respected detection and response team is watching your environment at all times.
your detection coverage
detection and response
fewer false positives
How it works
Turnkey detection and response
Red Canary helps you deploy, configure, and update policies for VMware Carbon Black sensors. We ingest your product alerts and analyze your endpoint telemetry using our cloud-based detection engine composed of thousands of behavioral analytic use cases.
Hunt adversaries and evolve detection
Red Canary researches new attacker behavior and continually combs your environment. We maintain industry-leading detection coverage by updating our library of behavioral analytic use cases hundreds of times per week in response to new attacker behavior.
Offload investigations and add automation
We perform full investigations using our proprietary analyst workbench and only alert you to confirmed threats. A detailed threat report is posted in your Red Canary portal where you can customize automated response actions and playbooks.
Active Remediation and Managed Response
Our incident handlers can perform active or managed remediation and containment in your environment.
What Customers Are Saying
VMware Carbon Black products collect thousands of events every hour. Analyzing that volume of data would take massive time and effort from our team. Red Canary is a hands-off strategy. I deploy the sensor and Red Canary does the rest. I can meet with my incident handler at any time, or log into my Red Canary portal to see exactly what's happening.”
Red Canary covers the gaps and gives us a set of eyes on our environment 24/7. Knowing they're looking for suspicious activity around the clock gives us peace of mind.”
If you don’t have the subject matter expertise to continuously monitor and improve VMware Carbon Black Cloud, look at Red Canary. They are the VMware Carbon Black experts.”
Expand and evolve detection coverage
Our industry veterans perform ongoing threat research and analyze intelligence to ensure your coverage for attacker behaviors evolves with new information. No watchlist maintenance required.
Red Canary observes 85% of MITRE ATT&CK® techniques and counting. Plus, we make sure you can count on our detection logic by continually running 12,000+ unique tests.
Add efficiency by eliminating false positives
Stop wasting time chasing bad leads. Red Canary only alerts you to detailed, confirmed threats—with fewer than 1/1000 false positives—so you can stay focused on strategic security projects.
Reduce mean time to respond with automation
Set up custom, automated response actions to safely contain ransomware, tackle tedious unwanted software tasks, and stop threats in your sleep. Or with Active Remediation, our experts will set up your custom response playbooks and contain and remediate all threats across your managed endpoints on your behalf.
Seamlessly integrate into existing workflows
Red Canary integrates with the tools and workflows you already have in place. You can access detailed threat data for use in ticketing systems, SIEMs, Slack, SMS, and more.
Access security advice & incident response support
Your incident handler is here for on-demand IR support and ongoing security advice. Get proactive guidance on how to mature your security strategy.
Measure and strengthen security
Red Canary shows you where you’re covered and gives you advice on how to improve. We’ll help you track how your security program is trending and how it compares to similar organizations.
Why Red Canary
Deep expertise rooted in shared lineage
Red Canary and Carbon Black were both innovations started inside Kyrus Tech, a boutique cybersecurity defense contractor. Red Canary’s founders started working with Carbon Black on Day 1 to deliver expert incident response services. When the founding team realized Carbon Black EDR collected all the necessary data for proactive threat detection and response, the idea for Red Canary was born.