Red Canary Managed Detection and Response
Red Canary
Reviews from AWS customer
0 AWS reviews
External reviews
120 reviews
External reviews are not included in the AWS star rating for the product.
Great Experience Overall
What do you like best about the product?
Red Canary provides timely alerts with rich contextual information, which significantly accelerates my ability to triage and respond to security incidents. The quality of the alerting is excellent, with very low false positive escalation rates, saving me valuable time and reducing alert fatigue. I also appreciate the platform’s automation capabilities, which allow for streamlined and automated incident response workflows, making it easier to contain and remediate threats efficiently.
What do you dislike about the product?
I have not encountered any major downsides so far.
What problems is the product solving and how is that benefiting you?
Red Canary is solving the challenge of providing comprehensive, around-the-clock security monitoring and threat detection without requiring a large internal SOC team. With Red Canary’s managed detection and response, we’re able to maintain 24/7 coverage and quickly identify important security events, even with a small team. This allows us to confidently focus on other operational priorities, knowing that critical threats will be surfaced promptly and with actionable context. As a result, we can shift our attention back to security response only when it truly matters, improving both our efficiency and our security posture.
Red Canary’s team continuously monitors your environment
What do you like best about the product?
Threat Intelligence & Behavioral Analytics
Powered by thousands of analytics and deep threat research (mapping to MITRE ATT&CK), Red Canary delivers data-driven, intelligence-led operations
What do you dislike about the product?
Would you like to dive deeper into any component—such as their threat intelligence engine, MDR SOC workflows, or integration specifics?
What problems is the product solving and how is that benefiting you?
Readiness Exercises & Training
On-demand and facilitated tabletop exercises using real-world TTPs (e.g., from Scattered Spider), atomic tests, and attack simulations improve incident-response readiness continuously.
Automation & SOAR Capabilities
Red Canary offers automated, customizable playbooks that accelerate response time and reduce operator workload
Red Canary Sentinel Integration
What do you like best about the product?
Their deep knowledge of Sentinel and all Microsoft services.
What do you dislike about the product?
Not sure if this was an internal issue or a Red Canary issue, but at times the scheduling of meetings was a bit hectic.
What problems is the product solving and how is that benefiting you?
Sentinel Integration
Awesome team, and support.
What do you like best about the product?
Having the team monitor all data and respond. I like knowing we have a security overwatch that is so responsive and reactive.
What do you dislike about the product?
There is nothing I dislike about the team or software.
What problems is the product solving and how is that benefiting you?
Monitoring and investigation of events.
Great core product
What do you like best about the product?
Red Canary excels at ingesting and correlating telemetry and alerts from our Microsoft Defender suite, combining and deconflicting that data into a single, cohesive threat narrative for a given machine or activity. This correlation capability provides a clearer picture of threats than we get from our other tools and can reduce the time our analysts spend on manual investigation. The platform itself is intuitive and well-designed, making it easy to navigate and use. Additionally, the customer support has been excellent—particularly Annalise and Matthew, who have been responsive and helpful, with Matthew providing deep technical assistance on integrations and automation. Overall, Red Canary adds meaningful value to our security operations.
What do you dislike about the product?
While Red Canary offers strong automation capabilities, there are some limitations that impact our ability to fully leverage the platform. One of the main issues is the inconsistency between the GUI, automation platform, and API. For example, when closing out threats, the options available in the automation platform differ from those in the GUI and API—such as missing specific closure reasons like "Internal testing." Additionally, the automation platform only supports "AND" logic in trigger conditions, which makes it difficult to build flexible workflows that share common traits but differ in just one condition. These limitations force us to rely on custom scripts and direct API calls to achieve the functionality we need, rather than managing everything within Red Canary itself.
What problems is the product solving and how is that benefiting you?
As the lead of our Breach and Attack Simulation (BAS) Team, my use of Red Canary differs from that of our SOC analysts. I simulate attacks against our network and assets using AttackIQ, and Red Canary plays a critical role in helping me identify and track this activity across our environment. It excels at correlating AttackIQ-generated telemetry with the correct target assets and associated alerts in Microsoft Defender, which is something we struggle to do effectively with other tools. This correlation allows us to validate detection coverage and response workflows more accurately. Additionally, we leverage Red Canary’s automation capabilities to ensure that our simulations don’t overwhelm the SOC or disrupt normal security operations, helping us maintain operational efficiency while testing our defenses.
RC Review by ULT
What do you like best about the product?
The integrations with other vendors and playbooks.
What do you dislike about the product?
Maybe the decommission Endpoint when inactive for days could be increased.
What problems is the product solving and how is that benefiting you?
The infected devices are isolated due to the playbook triggers.
Satisfied Customer!
What do you like best about the product?
I provide cyber support for a healthcare organization. There are times where I need additional support whether it be in investigating an alert from our EDR or a technical question regarding the Red Canary web portal. Red Canary is quick to answer my questions and address any concerns I may have.
What do you dislike about the product?
I would like additional features when it comes to Threats that are published by Red Canary. For example, if I remediate a Threat by adding an end user to be allowed to use a specific application and later would like to revert those changes, I need to submit a ticket to Red Canary to have the user removed.
What problems is the product solving and how is that benefiting you?
Red Canary is receiving our telemetry from various sources and is able to correlate multiple events to formulate a Threat. These Threats are often not seen by our internal cybersecurity tools. This is beneficial in identifying advanced threats.
I have no issues with the product so far
What do you like best about the product?
The UI of the site is and the clarity of the alerts
What do you dislike about the product?
Nothing to report so far. The product seems to be working as designed
What problems is the product solving and how is that benefiting you?
IT is catching alerts and the support is clarifying issues
Extremely Knowledgeable Company
What do you like best about the product?
Integrated easily with all of the products we use. Has saved some time for our security team to work on other projects
What do you dislike about the product?
We were not easily able to integrate AWS but we will get there.
What problems is the product solving and how is that benefiting you?
Our previous SOC was not very helpful when it came to threats and such coming from Microsoft Defender and we are a large O365 Shop
An excellent service for SMBs that cannot staff a SOC
What do you like best about the product?
Having a team of qualified security professionals watching your systems 24x7 is a great assurance.
What do you dislike about the product?
It took some asking, but seems the SLA is two hours for evaluating an event that may be an incident. In practice, we have done much better, with some responses in under 3 minutes.
What problems is the product solving and how is that benefiting you?
As an SMB, it is not cost effective to staff a SOC. Red Canary fulfills that requirement with their resources.