TMCnet News

Red Canary Closes $2.5 Million Investment to Deliver Advanced Endpoint Threat Detection and Eliminate False Positive Alerts
[March 26, 2015]

Red Canary Closes $2.5 Million Investment to Deliver Advanced Endpoint Threat Detection and Eliminate False Positive Alerts


Red Canary, the endpoint threat detection and response company, today announced it has closed $2.5 million in seed funding led by Kyrus. Red Canary will use the funds to bring to market its unique managed service that combines a best-in-breed, multi-dimensional detection system with human analysts, delivering customers extensive detection with no alert fatigue.

The company also unveiled today the first technology partners that help make up its platform, including Bit9 + Carbon Black, Farsight Security and Threat Recon. The Red Canary platform combines these and other industry leading detection technologies and techniques with proprietary behavior analysis and anomaly detection algorithms. Red Canary examines all endpoint activity in near real-time, identifies malicious and suspicious behavior and removes the burden on responders by eliminating false positives. Vendors interested in being evaluated for potential inclusion in the Red Canary platform should contact [email protected].

"Today's endpoint security market is too complex for most businesses to make the right decisions about what products are needed. Once a company selects their suite of products, managing all that data and sifting through false positive alerts quickly overwhelms most teams. Red Canary delivers an all-in-one solution that makes endpoint threat detection and response attainable for any business," said Red Canary CEO and co-founder Brian Beyer. "We evaluate and select the best products on the market, build new detection technologies where gaps exist, hire trained security professionals and manage the all-in-one service so customers can focus on their business. Rd Canary assesses hundreds of thousands of events every minute, eliminates the false positive alerts and empowers our customers to respond appropriately to the true threats to their business."



How Red Canary Works

Traditional approaches to IT security rely largely on signature and threat intelligence-based detection and often deliver countless false positives. Red Canary takes a different approach. Red Canary has selected the lightweight Carbon Black endpoint sensor to continuously feed endpoint activity to Red Canary's Threat Detection Engine; a multi-dimensional platform of the best technologies and techniques needed to deliver holistic detection across the kill chain. All potential threats flagged by the engine are reviewed by Red Canary's expert analysts, delivering customers unparalleled detection. Customers' security teams are alerted to confirmed threats immediately with the information needed to respond: what happened, affected endpoints, involved users and associated indicators of compromise. Detections are easily integrated into response workflows through email, syslog, webhooks, SIEM connectors and a RESTful API.


The Red Canary service consists of:

  • Endpoint Sensors (Bit9 (News - Alert) + Carbon Black) - easily deployed to thousands of endpoints and continuously streams all activity to Red Canary's Threat Detection Engine;
  • Behavioral Analysis (Red Canary proprietary technology) - modeling process behavior over time identifies any activity that resembles malicious software or advanced attackers;
  • Binary Analysis (Red Canary proprietary technology, currently evaluating leading products) - machine learning, code inspection, reputation and pedigree information separates benign applications from threats;
  • Analytics (Red Canary proprietary technology, currently evaluating leading products) - building an organizational baseline of "normal" activity flags anomalous behavior by users and applications;
  • Threat Intelligence (Red Canary proprietary database, Threat Recon, Farsight Security, Bit9 + Carbon Black's Threat Intelligence Cloud) - curating binary, network and other data from our detections and leading third parties enables the detection of software known to be malicious; and
  • Human Analysis - expert analysts provide another layer of detection by reviewing every escalated threat to confirm actual threats and eliminate false positive alerts.

"The team behind Red Canary is incredible. It's rare that individuals with so much technical expertise and industry experience come together to deliver winning projects and products time and time again," said Lenny Zeltser, Senior Instructor at the SANS Institute (News - Alert), a private U.S. organization that specializes in information security and cybersecurity.

Red Canary's World Class Partners

  • Bit9 + Carbon Black provides one of the most complete solutions against advanced threats that target organizations' endpoints and servers, making it easier to see-and immediately stop-those threats. "Red Canary's use of Carbon Black is a great example of why we developed the Connect Program. Their ability to process endpoint activity and detect threats in near real time is unparalleled." - Tom Barsi, Vice President, Business Development, Bit9 + Carbon Black.
  • Threat Recon is a leading cyber threat intelligence analysis service. "Combining Wapack Labs' cyber threat intelligence feeds with Red Canary's endpoint threat detection services will provide customers with a dynamite cyber threat solution. No corporation or government is immune from cyber attack and our combined defense will help our customers stay ahead of today's attacks." - Jeff Stutzman, Co-Founder and President, Wapack Labs Corp.
  • Farsight Security specializes in real-time Passive DNS solutions that provide valuable contextual information to reputation and threat feeds. "Farsight Security is pleased to team up with Red Canary for the delivery of intelligent endpoint protection for its clients. Our ability to signal Red Canary's cloud-based risk detection models in near real-time about new, high-risk domain names is providing Red Canary's threat detection engine with a unique edge in proactive risk detection. It is through such timely threat intelligence processing techniques that smart, secure enterprises will make progress in reducing the intrusion-to-detection time gap." - Bert Lathrop, Chief Customer Officer, Farsight Security, Inc.

Red Canary is continually evaluating new partnerships that will improve the capabilities of the threat detection platform. The company will announce new analytics and binary analysis partnerships in the coming months. Vendors that believe their technology would enhance the Red Canary platform should contact [email protected].

About Red Canary

For security-conscious organizations, Red Canary simplifies the complexity of endpoint threat detection and response with its multi-dimensional detection system that eliminates false positive alerts. Whether protecting 500 or 100,000 endpoints, Red Canary delivers a platform that combines the industry's best-in-breed detection technologies with proven techniques and human analysts to quickly assess thousands of potentially malicious events per day and deliver meaningful threat detections that expedite response. To learn more visit https://www.redcanary.co


[ Back To TMCnet.com's Homepage ]