
MSSP Red Canary Adds Carbon Black Advanced Threat Hunting Support

MSSP Red Canary has added support for the Carbon Black CB ThreatHunter advanced threat hunting and incident response solution, according to a prepared statement.

Red Canary now leverages Carbon Black solutions in combination with its in-house detection and response management platform and cyber incident response team (CIRT), the companies said. It has also become one of the first MSSPs to deploy managed detection and response (MDR) in conjunction with the CB Predictive Security Cloud (PSC) endpoint protection platform.

A Closer Look at CB ThreatHunter and PSC

CB ThreatHunter correlates and visualizes endpoint information to provide visibility into IT environments, Carbon Black stated. It uses custom and cloud-based threat intelligence, automated watchlists and security integrations to scale threat hunting across an organization.

PSC is a converged endpoint protection platform that delivers security and operations services through the cloud, Carbon Black indicated. It retrieves and analyzes endpoint data from billions of endpoint events per day and works in conjunction with all Carbon Black products.

What Is Red Canary?

Red Canary offers an MDR solution designed to help organizations quickly identify and stop cyberattacks. The solution includes the following products:

  • Red Canary Act: Leverages playbooks and a playbook editor to help organizations automate threat remediation.
  • Red Canary Detect: Evaluates endpoint telemetry to identify cyberattacker behavior across the attack lifecycle.
  • Red Canary Investigate: Enables an organization's CIRT to investigate cyber threats and document relevant security event details.
  • Red Canary Record: Uses endpoint sensors to collect, process and retain telemetry, including processes, file modifications, binary metadata and network connections.

Red Canary also provides an endpoint detection and response (EDR) solution that can be deployed on-premises or in the cloud. The EDR solution provides organizations with telemetry, as well as configuration and management of their EDR infrastructure.

Dan Kobialka
