The team began looking at Endpoint Detection and Response (EDR) solutions to gain visibility and cover the gaps. Realizing that an EDR tool would require a great deal of hands-on management, they focused on fully managed solutions to get more immediate value.
Rick recounted the team’s evaluation of Red Canary. “We ran a number of tests to put the solution through its paces. Red Canary caught them all. Aside from efficacy, another thing that stood out was the solution’s agility. We requested a new authentication header so we could send detections to our incident tracking system. Within a few hours, it was in production. Having something like that done so quickly was awesome to see.”
The team initially deployed Red Canary for macOS coverage, but they have since extended Red Canary to defend most of the business’s Windows devices as well. Having the solution across the environment gives the team confidence that advanced attacks are not being overlooked.