We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Red Canary today unveiled a major addition to its managed detection and response (MDR) offering with the introduction of active remediation services, which provide customers with 24/7 response by the company’s security team to cyberattacks such as ransomware.
The company’s ability to offer active remediation to customers is “very unique” in the MDR market, says cofounder and CEO Brian Beyer. And it comes at a time when ransomware attacks continue to escalate (surging 148% through the first three quarters of 2021, according to SonicWall) and the talent shortage in cybersecurity remains severe (there are 460,000 openings in security in the U.S. alone, Cyber Seek estimates).
With Red Canary’s active remediation, “you can have confidence that if ransomware starts inside your organization at 2 a.m., you don’t even have to wait for your team to get that call in the middle of the night and come online,” Beyer said in an interview. “Red Canary will have already responded to it and contained that for you.”
Today, the company also announced it is adding security capabilities beyond securing endpoints, with the introduction of new threat investigation capabilities into its MDR offering. The threat investigation offering ingests data from other security tools used by customers — which Red Canary then investigates to prioritize threats in the customer’s environment.
Red Canary specializes in combining both human and software intelligence in its MDR offering, with technology that ingests not just alerts, but also raw telemetry. The company’s platform processes more than 1PB of telemetry data every day, Beyer said. “That philosophy of mixing together software plus human capabilities is core to Red Canary’s DNA,” he said.
Founded in 2013, Red Canary serves nearly 1,000 customers and has been on a hiring spree over the past year. The Denver-based company now has a staff of 415, up from 221 at the start of 2021.
A year ago, Red Canary raised $81 million in series C funding, bringing the company to more than $125 million in funding to date. The vendor didn’t disclose details on its revenue growth — though Beyer said that as far as he knows, the company is one of the largest and fastest-growing MDR providers by revenue.
The MDR market is now highly competitive, with Gartner tallying 40 major players in the space in a report from last October. Along with Red Canary, others cited by the research firm include Alert Logic, Arctic Wolf, Bitdefender, Crowdstrike, Cybereason, Kroll, Mandiant, Optiv, SecureWorks, and Sophos.
Shorthanded on security
Along with rising cyber threats such as ransomware, the security talent shortage has also bolstered demand for MDR, Beyer told VentureBeat.
On security teams, “nobody has enough people in order to figure out what’s actually a threat and what’s noise. And that’s what Red Canary does for them. We help them understand what the real threat is,” he said. “And then now with this latest release, active remediation, they can actually offload the response and remediation to those threats to us — and we’ll actively take care of that for them 24/7.”
The Red Canary staff members that are now providing active remediation have previously been involved with detection and investigation work on behalf of customers, and with providing customers with security guidance.
In the MDR space, “the remediation side of things is very, very unique,” Beyer said. “There are a small number of security companies who will help you, as a part of their product or service, remediate threats. It’s something that is complicated for most organizations to think about how to deliver a 24/7 service like this — and do it with a high level of quality.”
However, “being able to deliver high-quality services at scale is Red Canary’s business and something we’ve been exceptionally good at and prepared for,” he said. “So this is a very big differentiator compared to our other competitors.”
Active remediation will be offered as an additional subscription service to customers.
One customer that has already been using Red Canary’s active remediation service is custom homebuilder Schumacher Homes. In a news release, Schumacher Homes director of information technology Will McCann said the company has “had a wonderful experience with the service” — describing it as akin to “adding a full security team of five to 10 people.”
Beyond the endpoint
Meanwhile, with the introduction of threat investigation capabilities and ingestion of alerts from other security tools, Red Canary is also now expanding beyond providing protection for endpoint devices — with the capability to now secure cloud workloads, networks, identities, and software-as-a-service (SaaS) applications, as well.
And in these additional areas of security, like the company has done in endpoint security, Red Canary plans to offer a “deeper” approach than competitors — in part through processing a “huge amount of data” to uncover the most pressing threats, Beyer said.
“Other MDR providers have always taken an approach that you’d effectively call ‘skin deep and mile wide'” — covering lots of areas of security but not going deep in any of them, he said.
“Red Canary’s approach has always been [to] find the places where threats are going to hurt you most and go deeper there than anyone else,” Beyer said. “And so I can tell you very confidently, what Red Canary does to identify threats on those endpoints is multitudes of times better and more comprehensive than our competitors. And we plan to take the exact same approach as we go beyond the endpoint.”
The bottom line, he said, is that “Red Canary has been doing this longer than anybody else has.”
“This managed detection and response category that now exists is the result of work we started eight years ago,” Beyer said. And within the MDR space, he said, apart from Red Canary, “there is no one who has looked at as much data, and identified as many ways that adversaries work.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.