Alongside our human-led Managed Detection and Response services, Red Canary employs a range of expert AI Agents to free SOC analysts from manual and repetitive work. We’ve programmed these Agents with over a decade of real-world security operations experience, and we constantly manage and tune their output to ensure quality and predictability.
The Agents Page
You can use the Agents page in the Red Canary portal to monitor which Agents are currently executing in your environment and view additional details. For information about using this page, see View Agents.
Available Agents
The following AI Agents are currently active in Red Canary:
Agent Name | Product | Category |
|---|---|---|
Alert Summary Agent | MDR | Investigation |
Cloud Security Investigation Agent (AWS GuardDuty) | MDR | Investigation |
Customization Review Agent | MDR | Investigation |
Email Analyzer Agent | Managed Phishing | Email Security |
Endpoint Investigation Agent (CrowdStrike Falcon EPP) | MDR | Investigation |
Endpoint Investigation Agent (Microsoft Defender for Endpoint) | MDR | Investigation |
Endpoint Investigation Agent (Palo Alto Cortex XDR) | MDR | Investigation |
Endpoint Investigation Agent (SentinelOne) | MDR | Investigation |
Event Hide Comment Agent | MDR | Investigation |
Hybrid Investigation Agent (Wiz Security Platform) | MDR | Investigation |
Identity Investigation Agent (Cisco Duo) | MDR | Investigation |
Identity Investigation Agent (CrowdStrike Falcon Identity) | MDR | Investigation |
Identity Investigation Agent (Microsoft Entra Identity Protection) | MDR | Investigation |
Identity Investigation Agent (Okta Workforce Identity Protection) | MDR | Investigation |
Identity Investigation Agent (Red Canary Identity Engine) | MDR | Investigation |
Identity Investigation Agent (User Baselining & Analysis) | MDR | User Behavioral Analysis |
Investigation Agent (Red Canary EDR) | MDR | Investigation |
Phishing Triage Agent | Managed Phishing | Email Security |
SIEM Investigation Agent (Microsoft Sentinel) | MDR | Investigation |
Threat Annotation Description Agent | MDR | Investigation |
Threat Annotation Hardening Agent | MDR | Response |
Threat Annotation Hunting Agent | MDR | Investigation |
Threat Annotation Response Remediation Agent | MDR | Response |
Threat Annotation Summary Agent | MDR | Investigation |
Threat Annotation Timeline Activity Agent | MDR | Investigation |
Threat Annotation Timeline Indicator Agent | MDR | Investigation |
Threat Escalation Potential Agent | MDR | Investigation |
Threat Recommendations Agent | MDR | Response |
Threat Report Agent | MDR | Response |
Threat Resource Recommendations Agent | MDR | Investigation |
Threat Response Recommendation Agent | MDR | Response |
Threat Review Agent | MDR | Investigation |