Red Canary MDR consolidates a diverse array of security providers, allowing you to centrally manage all your alerts and get more value from your security tools.
We analyze both alerts and raw telemetry from endpoint, network, cloud, identity and other data sources, helping you detect cyber threats earlier and stop them faster without disrupting your existing workflows.
The following providers are supported for Investigations in Red Canary MDR:
Provider | Supported Platform | Class of Security Data | Ingest Type |
|---|---|---|---|
Amazon Web Services | Cloud | API | |
Broadcom | EDR | API | |
Broadcom | EDR | API | |
Cisco | Identity | API | |
Cisco | Network | Email, Syslog | |
Cisco | Network | HTTP | |
Cisco | Network | ||
CrowdStrike | Identity | API | |
CrowdStrike | EDR | API | |
Darktrace | Network/Internet of Things | ||
Dragos | Operational Technology (OT) | Syslog | |
ExtraHop | Network | API | |
ExtraHop | Network | HTTP | |
Fortinet | Network | Syslog | |
Fortinet | Network | Syslog | |
Cloud | API | ||
SaaS | API | ||
Jamf | EDR | API | |
Lacework | Cloud | API | |
Microsoft | Cloud | API | |
Microsoft | AI Tools | N/A | |
Microsoft | Cloud | API | |
Microsoft | Identity | API (via Microsoft Graph) | |
Microsoft | EDR | API Poll (via Microsoft Graph) | |
Microsoft | Identity | API (via Microsoft Graph) | |
Microsoft | API Poll (via Microsoft Graph) | ||
Microsoft | Identity | API | |
Microsoft | Identity | API (via Microsoft Graph) | |
Microsoft | Aggregate | API | |
Microsoft | SIEM | API | |
Okta | Identity | API | |
Palo Alto | EDR | API | |
Palo Alto | Network | Syslog | |
Palo Alto | Network | Syslog | |
Palo Alto | Network | Email, Syslog | |
SentinelOne | EDR | API | |
Trend Micro | EDR | API | |
Wiz | Cloud | API | |
Zscaler | Network | API |