Red Canary Integrates Managed Detection and Response to Microsoft Defender ATP

Red Canary, a member of the Microsoft Intelligent Security Association, today officially announced Red Canary Managed Detection and Response for Microsoft Defender Advanced Threat Protection (ATP). The offering is available to the increasing number of organizations looking to take advantage of the innate security features of Windows 10 and Microsoft Defender ATP for Mac and Linux. Red Canary has been delivering the service to select customers for nearly a year and is excited to announce its general availability.

Red Canary collects and analyzes Microsoft Defender ATP telemetry, delivering the fastest way for organizations to achieve detection and response objectives with Microsoft Defender ATP. Key features include:

  • Onboarding to the Red Canary service in minutes

  • Broad detection coverage mapped to MITRE ATT&CK

  • Red Canary investigation of Microsoft Defender ATP alerts and telemetry

  • Elimination of false positives

  • On demand, 24×7 Cyber Incident Response Team (CIRT)

“Instead of simply taking in alerts from security products, performing basic investigation and sending them back to the organization, Red Canary is unique in that we ingest and analyze telemetry generated by Microsoft Defender ATP and enable security teams to immediately activate a high-quality security operations program without the typical tuning, false positives, or automation setup process,” explained Keith McCammon, Chief Security Officer and co-founder, Red Canary.

Red Canary investigates and confirms all potential threats in an organization’s environment. Confirmed threats are presented in the Red Canary web-based portal as a detailed timeline that allows security teams to know exactly when and where to respond.

“Members of the Microsoft Intelligent Security Association, like Red Canary, offer solutions that supercharge defense work against a world of increasingly sophisticated, fast-moving threats. The integration of Microsoft Defender ATP with their solutions allows us to work together to help customers navigate the security landscape,” said Alon Rosental, principal group program manager, Microsoft 365 Security at Microsoft Corp.

To learn more about how Red Canary is enabling Microsoft Defender ATP security, visit or contact

About Red Canary 

Red Canary is a security operations ally to organizations of all sizes providing managed detection and response. The Red Canary platform collects hundreds of terabytes of endpoint telemetry every day, surfacing evidence of threats that are analyzed by its Cyber Incident Response Team (CIRT). As a result of this extensive investigative work, Red Canary has a unique view into the most common and impactful threats across a broad collection of organizations and industries.

The company delivers outcome-focused solutions that can be deployed in minutes to identify and shut down attacks. Founded in 2014, Red Canary is a pioneer in providing managed detection and response solutions that integrate behavioral analytics and automated response with 24/7/365 investigation. 

