Self-Guided Onboarding
    • 30 Jun 2025
    • 2 Minutes to read
    • PDF

    Self-Guided Onboarding

    • PDF

    Article summary

    These videos are recordings of training sessions conducted by the Red Canary Technical Implementation Managers and are designed to deliver the knowledge and resources needed for a successful implementation. They provide a step-by-step walkthrough of the onboarding process and will enable you to complete your setup, learn about core features, and begin using the Red Canary platform at your own pace.

    Red Canary Portal Training
    Automation Training
    Active Remediation Training


    Red Canary Portal Training

    This session will help new and returning users confidently navigate and utilize the full capabilities of the Red Canary portal. Whether you're managing endpoints, reviewing detections, or generating reports, this video provides the knowledge you need to get started and work efficiently. It covers the following topics:

    • Navigating overall portal functionality

    • Managing and monitoring your endpoints

    • Understanding and exploring threats and gaining a high-level overview

    • Performing investigation and analysis of suspicious activity

    • Accessing and interpreting reports to support your security operations

      [53 minutes]

    Next Steps:

    To reinforce what you’ve learned, please complete the following tasks in your Red Canary portal:

    1. Complete the Company Profile section, including populating the Security Protocol contact list with the appropriate contacts.

    2. Navigate to the Applications section and review any applications listed as "Needs Review." Update their status accordingly.

    3. Explore the Threats section by opening an existing threat detection and reviewing its details, including timeline, indicators, and endpoint activity.

    4. Access the Endpoints page, select a host, and review its recent behavior and detection history.

    Completing these tasks will ensure that your environment is configured properly and you’re confident using key areas of the portal.


    Automation Training

    This session walks you through how automation works within the Red Canary portal and how it can help streamline your security operations, reduce manual effort, and improve response times. It covers the following topics:

    • Understanding the core concepts of automation within the platform

    • Configuring and customizing automation playbooks or workflows

    • Setting up automated alert responses and actions

    • Integrating automation with endpoint and threat detection

      [37 minutes]

    Next Steps:

    To apply what you've learned in this training, please complete the following tasks in your Red Canary Portal:

    1. Review your current automation settings to understand what playbooks or workflows are currently active.

    2. Navigate to the Automation section and explore the available playbook templates.

    3. Identify at least one use case to implement automation, such as isolating a host or assigning a threat, and begin drafting or enabling a relevant playbook.

    4. Verify that your automation configurations align with your incident response process and escalation paths.

    5. Discuss additional automation use cases with your internal team to ensure consistency with your organization’s security protocols.

    Completing these tasks will help you begin applying automation effectively and ensure it's working in alignment with your team’s goals.


    Active Remediation Training

    This session covers how to use Red Canary’s Active Remediation to take fast, targeted action on confirmed threats across managed endpoints. Active Remediation provides hands-on-keyboard support from Red Canary’s Threat Response Engineer (TRE) team, who are notified to begin remediation based on your subscription settings. It covers the following topics:

    • Monitoring and managing Active Remediation in the portal

    • Understanding TRE and SOAR response workflows

    • Tracking remediation status and outcomes

    • Collaborating with Red Canary throughout the process

      [22 minutes]

    Next Steps:

    To reinforce your understanding and prepare your environment for effective remediation, please complete the following tasks:

    1. Review the Getting Started with Active Remediation article and set up a Group within your EDR platform using this naming convention:
      Remediate – [Group Name]

    2. Familiarize yourself with the isolation and artifact removal process by examining a past remediation example (if available).

    3. Discuss with your internal team how Red Canary’s Active Remediation integrates into your existing incident response workflows.

    4. Review this article to deepen your understanding: Active Remediation FAQ


    Was this article helpful?

    What's Next
    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.