Red Canary Managed Detection and Response
Red Canary
Reviews from AWS customer
0 AWS reviews (5 star: 0, 4 star: 0, 3 star: 0, 2 star: 0, 1 star: 0)
External reviews
120 reviews
External reviews are not included in the AWS star rating for the product.
Alerts
What do you like best about the product?
The interface is quite nice, and the customer support team is pretty approachable.
What do you dislike about the product?
The alerts are too automated sometimes, and there are times when a human analyst is preferred.
What problems is the product solving and how is that benefiting you?
It gets rid of a lot of the false positives.
Good product
What do you like best about the product?
They take care of reviewing all alerts and events, and the CIRT analyzes them to determine if they are true or false positives from all integrations.
What do you dislike about the product?
Reporting - it is not user-friendly, and it could be challenging to get data or reports.
What problems is the product solving and how is that benefiting you?
All threats and incident response flow.
Great MDR solution - simple to use, easy to learn, very effective.
What do you like best about the product?
Being able to sleep at night or go on vacation knowing someone or something is always watching.
What do you dislike about the product?
Some of the Cortex XSIAM integration still needs to be fleshed out.
What problems is the product solving and how is that benefiting you?
24x7 coverage.
Very Easy to Implement, Reliable and Secured
What do you like best about the product?
Implementation in our endpoints was very fast and easy. We get 24/7 MDR protection and the playbook setup process is very intuitive and very manageable. Customer support is reliable and we hardly get false positives, which helps tremendously. Overall, a very solid product.
What do you dislike about the product?
So far, I haven't had any issues with Red Canary. Adding it to MacBooks was slightly different, but that's understandable given the different OS.
What problems is the product solving and how is that benefiting you?
Protection of our network and endpoints.
Red Canary is Solid
What do you like best about the product?
Red Canary has accurate threat protection in an easy-to-view format. It keeps our attention on actual threats so our screen isn't cluttered, and with automation, we can remediate much quicker.
What do you dislike about the product?
There are some integrations of different systems still needed, DUO being one of them.
What problems is the product solving and how is that benefiting you?
It is helping us save time monitoring and remediating threats.
Red Canary Is Amazing
What do you like best about the product?
I really love how the timeline makes investigating threats so much easier. It becomes very obvious what to do when a threat is doing something very malicious in your environment, and it allows for immediate action.
What do you dislike about the product?
Since Red Canary is an MDR solution, it relies on data from endpoint detection tools like CrowdStrike to generate its alerts. One improvement I’d like to see is better suppression of redundant alerts. For example, if CrowdStrike already detects and blocks an unwanted application or process, it would be ideal if Red Canary could recognize that the threat was contained and avoid triggering a separate alert for the same event. This would help reduce alert fatigue and streamline the response process. Aside from that Red Canary is my favorite MDR solution.
What problems is the product solving and how is that benefiting you?
Red Canary makes investigating threats a lot easier. It saves me so much time by breaking down what happened and giving me the key details upfront, so I’m not stuck piecing everything together from scratch.
Red Canary fills the gap as an extension of our security team.
What do you like best about the product?
Our partnership with Red Canary is very much a mutual one. They act as part of our security to help us identify ways we can further use their product, while bringing our questions/concerns to those in decision-making positions. They have proven that their system of automated detection, AI-based analysis, and human eyes for confirmation and final analysis has provided value-add on top of what we receive from our enterprise EDR. They don't exist to check off the baseline of security; they are experts and fanatics in caring about the details. Their focus on the MITRE ATT&CK framework and automation is highly valuable. In regards to our integrations, they really quiet the noise and bring attention to the alerts that truly need our eyes to review.
What do you dislike about the product?
In our experience, some of their integrations have been slow to market and require support to work out some bugs.
What problems is the product solving and how is that benefiting you?
Red Canary doesn't just automate actions on alerts received from our EDR, they also take action on other logs that our EDR may have missed. They also provide the capability for automated workflows, which is essential for containment, especially after-hours. Additionally, I appreciate that human eyes go in front of every threat before it is classified; we can have expert analysis of alerts without having the expertise ourselves. This is crucial for a small company like ours.
Red Canary is a great choice for an external SOC
What do you like best about the product?
Fast and easy onboarding process.
Great platform, that provides additional protection and insights for Microsoft customers.
Competent and helpful threat hunting team, that also gives recommendations.
What do you dislike about the product?
High license requirements (Microsoft), to get the most out of the product and service.
Sometimes it's difficult to schedule meetings because we are located in the EU.
The 24/7 protection is limited to high alerts outside of Red Canary's business hours.
What problems is the product solving and how is that benefiting you?
For a small and young business, we greatly benefit from Red Canary's expertise. We can have a good night's sleep, knowing that Red Canary keeps us safe outside of our business hours.
Red Canary is Top Tier
What do you like best about the product?
Implementation, ease of use, and customer support are 3 of the main things that Red Canary goes above and beyond with. In the tech industry we've all experienced very unhelpful support, and when it comes to our security posture it allows us to "set and forget" a lot of the triggers that we see on a daily basis. Their team has been instrumental in steering us towards success, whether it's monthly meetings, actual malicious triggers, or just to chat about upcoming security changes.
What do you dislike about the product?
We have yet to see many downsides, at all, when it comes to using Red Canary. With any security software, it will be quite overwhelming if you're just getting your feet wet for the first time, but their team of experts makes it very easy for your worries to subside.
What problems is the product solving and how is that benefiting you?
Having an MDR allows us to focus ourselves on things outside of our security posture. We are a small, but mighty, team so we need all the help we can get. Red Canary allows us to set and forget a lot of our triggers, as well as remediating them and doing the leg work before we're aware of what's going on.
Monitors traffic effectively and assists in compliance decision-making for quick response
What is our primary use case?
We use Red Canary to monitor incoming and outgoing traffic. For example, when we receive an alert that data from our internal IP address to an external IP address has been transferred, we investigate using a Palo Alto firewall.
What is most valuable?
Red Canary detects threats and attack patterns, allowing us to assess any significant damage caused to the banking environment, particularly if protected data has been damaged or corrupted. It is valuable for security teams in banking industries that need to make informed decisions quickly. Red Canary solutions are useful for compliance with standards like FFIEC and PCI and are employed in medical operations for HIPAA compliance.
What needs improvement?
Red Canary's pricing spectrum may not be ideal for smaller financial institutions.
For how long have I used the solution?
I have been using Red Canary for four years.
What do I think about the stability of the solution?
We have had no issues with stability. It runs smoothly.
What do I think about the scalability of the solution?
The pricing should be decreased so that other smaller banks, apart from the IT industry, can implement it.
How are customer service and support?
We have a monthly catch-up call with the support team to discuss alerts. In emergencies, there is an on-call person available to resolve issues immediately.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is easy and does not require external support.
What's my experience with pricing, setup cost, and licensing?
The services are higher priced.
What other advice do I have?
I recommended Red Canary to my friends who work in other organizations. I guide them about this tool, share knowledge on its features, and explain the process of how we use it. I would rate the overall solution on a scale of one to ten as nine.