Red Canary Launches New Capabilities for MDR; Detects 5x More Confirmed Threats Than Other Providers

Managed Detection and Response (MDR) provider Red Canary has launched new threat investigation and Active Remediation capabilities to help customers investigate, triage, and respond to threats — raising the bar for the MDR industry. The new capabilities build on Red Canary MDR's advanced threat detection to provide customers with unparalleled beyond-the-endpoint detection, as well as first-hand, real-time investigation and remediation by qualified experts.

We spoke with Red Canary CEO Brian Beyer to learn more about the capabilities that the company is bringing to the rapidly growing MDR market.


MDR is booming. Why is it such a powerful tool in the fight against cybercriminals?


Security tools alone cannot effectively protect organizations against a breach, and many organizations don’t have the security teams or expertise to respond to threats 24x7. MDR is a combination of threat detection technology and expertise - people - which provides continuous monitoring and response to threats. The most effective solutions have comprehensive detection capabilities, deliver MDR across the enterprise and provide round-the-clock response. Red Canary MDR does all of this and more. Our advanced threat detection casts the broadest detection net to identify all threats, enabling Red Canary to detect threats that no one else can, providing unparalleled security outcomes. Threat investigation delivers beyond-the-endpoint threat investigation and triage and Active Remediation provides hands-on remediation by qualified experts to combat cybersecurity threats.

While other MDR vendors focus on the narrow stream of alert logs from businesses’ existing security products, Red Canary takes those and then goes exponentially deeper, analyzing in real time over a petabyte of telemetry on a daily basis to find the threats that will otherwise go undetected. So when we alert our customers of a threat, they can treat them seriously and respond swiftly and intelligently. As a truly all-in-one product, our MDR provides around-the-clock expert protection and threat response without the need to hire a full security operations team.


What makes this update differentiated from competitors?


Most MDR vendors depend solely on the alerts from an organization’s security stack, which inherently misses threats as they are only built to detect threats with a certain level of noise. For 8 years, we’ve taken a different approach and built a new kind of platform that is designed to focus on where adversaries operate and detects five times as many threats as other security solutions, while also reducing false positives over 99%; ultimately flagging the threats that matter the most to our clients.


By expanding beyond the endpoint – now protecting enterprise endpoints, cloud workloads, network, identity and Saas applications – we can ingest alerts from security solutions in customers’ security stacks. With our new expanded holistic view of customers’ threats, our team can conduct stronger investigations, prioritizing alerts to direct customers to the threats that matter the most.


Unlike other MDR providers, we’ve added personalized, human hands-on-keyboard threat response to boost our existing capabilities. With Active Remediation, we can actually have our Incident Handlers remotely access a company’s environment to respond to threats directly, which is especially crucial for teams that lack the resources to staff in-house, 24/7 threat response. Our customers tell us this service alone would require 5-10 security experts to provide the same service in-house.


What should clients expect from this boost in capabilities?


Together, these two offerings provide improved ability to detect and respond to threats across the enterprise. Customers now have complete visibility of threats in their environment, including increasingly common attacks involving identity and email. We’re proud to provide our customers with a product that not only provides teams with peace of mind and security, but also frees them up to remain focused on their core mission – distraction-free from security threats – while protecting the bottom line.


Additionally, these offerings make a market-leading threat detection and response even more accessible to organizations regardless of their size or security maturity. While some organizations end up being nickel and dimed into additions to feel more confident in their security strategies, we pride ourselves in providing our customers with an “all-in” predictable pricing model granting them access to our full suite of MDR features.


What future plans are you making for your investments in MDR? What should the market keep an eye out for from Red Canary?


As the threat landscape and our customers’ security needs evolve, so will we - diving deeper where the threat action happens, improving customers’ threat visibility across their increasingly complex security stack and IT environment, and continuing to be a leader in actionable threat intelligence.