Red Canary collects and analyzes Microsoft Defender ATP telemetry, delivering the fastest way for organizations to achieve detection and response objectives with Microsoft Defender ATP. Key features include:
- Onboarding to the Red Canary service in minutes
- Broad detection coverage mapped to MITRE ATT&CK
- Red Canary investigation of Microsoft Defender ATP alerts and telemetry
- Elimination of false positives
- On-demand, 24×7 Cyber Incident Response Team (CIRT)
“Instead of simply taking in alerts from security products, performing basic investigation and sending them back to the organization, Red Canary is unique in that we ingest and analyze telemetry generated by Microsoft’s Defender ATP and enable security teams to immediately activate a high-quality security operations program without the typical tuning, false positives, or automation setup process,” explained Keith McCammon, Chief Security Officer and co-founder, Red Canary.
Red Canary investigates and confirms all potential threats in an organization’s environment. Confirmed threats are clearly presented in the Red Canary web-based portal as a detailed timeline that lets security teams know exactly when and where to respond.
“Members of the Microsoft Intelligent Security Association, like Red Canary, offer solutions that supercharge defense work against a world of increasingly sophisticated, fast-moving threats. The integration of Microsoft Defender ATP with their solutions allows us to work together to help customers navigate the security landscape,” said Alon Rosental, principal group program manager, Microsoft’s 365 Security at Microsoft Corp.