SQL search and analytics
Use SQL to search based on specific attributes–IPs, hostnames, URLs, date/time ranges–and run basic statistical analyses to support internal investigations.
Available now
Security Data Lake
REDUCE THE COST OF LOG RETENTION
Avoid paying a premium for high volume, low fidelity security data storage. By sending that data to Red Canary, you’ll save money while maintaining accessibility for your team’s and Red Canary’s investigations.
KEY BENEFITS
Reduce SIEM costs
Pay a fraction of SIEM storage costs for high volume, low fidelity data sources like Firewall, DNS, and SASE logs.
Meet retention requirements
Prove to auditors that your data is retained and can be retrieved on-demand. If you need to export specific logs you can do so at any time.
Investigate stored data
Ensure visibility into your data for your team’s and Red Canary’s investigations, improving your security posture.
The Challenge
Security leaders face tough tradeoffs when managing security data. Storing too much in a SIEM results means you’re overpaying on infrequently searched, low-value data, while managing a data lake adds infrastructure headaches. You need a solution that reduces overhead and keeps data accessible at all times.
Our Solution
Flexible and cost-efficient retention
Store raw data–JSON strings, syslog messages, anything that’s line delimited that you can write to an S3 bucket–for any length of time specified by you.
Available now
MDR enhancement
Red Canary can leverage the Security Data Lake during our investigations, strengthening your detection and response coverage.
Target availability Jun. ‘25
