# Red Canary Reviews **Vendor:** Red Canary **Category:** [Managed Detection and Response (MDR) Software](https://www.g2.com/categories/managed-detection-and-response-mdr) **Average Rating:** 4.7/5.0 **Total Reviews:** 130 ## About Red Canary Red Canary provides managed detection and response (MDR), finding and stopping threats before business impact. You get a security operations platform and 24x7 service that proactively monitors for malicious and suspicious behaviors and responds to stop them from becoming serious security incidents. MDR services complement and enhance your SOC, operating as a trusted partner, offering the expertise, tools, and support needed to strengthen your overall security posture. The platform works using several key components: Your existing endpoint and cloud workload sensors/agents Alert collectors and integrations with your alert-generating security products Integrations with your cloud service providers, identity platforms, and SaaS applications Cloud-hosted collection, detection, and response platforms Our Cyber Incident Response Team (CIRT) Our Threat Hunting team The sensors already running on the endpoints and cloud workloads that make up your corporate and production environments collect detailed telemetry about what is happening in those systems. The telemetry and alerts from your cloud service provider, identity platforms, SaaS applications, and other security products are both sent to our cloud-hosted platform. This allows our CIRT to perform analysis of that data to identify and confirm suspicious activity and security incidents. The security orchestration and response capabilities can execute automations using playbooks on endpoints for response and remediation. Our unique combination of detection-as-code detection engineering, proactive threat hunting, and agentic AI uncovers critical threats deep within your environment before they cause harm. Our renowned in-house intelligence team provides tactical insights tailored to your unique environment, helping you understand the adversaries you face, their specific tactics, and how to stop them. Red Canary enables 10X faster response to threats, helping you slash your mean time to respond (MTTR) by detecting threats early, investigating with precision, and enabling rapid containment, both expert-led and automated. Red Canary helps get more value from your existing tech stack continuously analyzing data across identities, endpoint, and cloud. ## Red Canary Pros & Cons **What users like:** - Users trust the **responsive and knowledgeable customer support** of Red Canary, enhancing their overall cybersecurity experience. (40 reviews) - Users commend Red Canary for its **advanced threat detection capabilities** , significantly enhancing their cybersecurity posture and confidence. (26 reviews) - Users value the **reliable security and responsive support** of Red Canary, enhancing confidence in their cybersecurity measures. (20 reviews) - Users appreciate the **timely and precise alert management** of Red Canary, significantly enhancing their security response capabilities. (16 reviews) - Users appreciate the **great team and innovative features** of Red Canary, highlighting excellent customer service and seamless integrations. (15 reviews) - Users commend the **exceptional staff expertise** at Red Canary, highlighting their proactive support and deep technical knowledge. (15 reviews) - Users appreciate the **continuous monitoring** of Red Canary, enhancing threat detection with clear insights and minimal false positives. (14 reviews) - Investigation (14 reviews) - Easy Integrations (13 reviews) - Immediate Response (12 reviews) **What users dislike:** - Users experience **inefficient alert system** with delays and redundancy, leading to alert fatigue and response challenges. (13 reviews) - Users report **communication issues** with Red Canary, citing inconsistency in support and unfulfilled commitments. (7 reviews) - Users find Red Canary to be **expensive** , especially with the new a la carte pricing model and inflexibility. (6 reviews) - Users find the **difficult navigation** of Red Canary's mobile app frustrating and hope for improvements in future updates. (4 reviews) - Users experience **integration issues** with AWS and find reliance on Crowdstrike limits broader functionality with other sources. (4 reviews) - Users experience **poor customer support** with slow response times and inconsistent service from multiple representatives. (4 reviews) - Lack of Automation (3 reviews) - False Positives (2 reviews) - Inadequate Detection (2 reviews) - Learning Curve (2 reviews) ## Red Canary Reviews ### 1. Robust MDR with Accurate Alerts, Detailed Reports, and Versatile Integrations **Rating:** 4.5/5.0 stars **Reviewed by:** Rinalon E. | Threat Intelligence Manager, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** May 12, 2026 **What do you like best about Red Canary?** Red Canary is a robust managed detection and response approach that facilitates the security team to identify threats faster Red Canary has robust reputation on sharing actionable alerts and there is no false positives, hence, the alerts shared are accurate The program issues a detailed investigation information or report, and the appropriate remediation guide The integration of Red Canary with items such as CrowdStrike, Microsoft Defender, among others is a versatile thing from the app The app provides reliable customer service or feedback and it conducts knowledgeable analysis **What do you dislike about Red Canary?** Red Canary has an expensive pricing, no small packages for small companies Occasionally, Red Canary experiences some delays, and this gaps affects the continuity of the company **What problems is Red Canary solving and how is that benefiting you?** Red Canary is resourceful in reducing or filtering noisy detection, where it prioritizes on actionable and real incidents The app creates a 24/7 cybersecurity monitoring, and there is timely response to avoid damages The app detects credential theft, ransomware, endpoint threats and cloud activities before they cause damages The incidence report time or rate is largely supported by the app, and the remediation shared are timely and consistent The process of threat monitoring is also a paramount factor, where it conducts proper surveillance both on cloud and across endpoints Red Canary strengthens the security preparedness and posture of a business without extreme financial facilitation ### 2. The precision and efficiency of Red Canary in cybersecurity **Rating:** 5.0/5.0 stars **Reviewed by:** Osman M. | Design & Estimation Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** April 26, 2026 **What do you like best about Red Canary?** What I like most about Red Canary is its accuracy in threat detection and its exceptional speed in protecting systems with high efficiency. The performance combines speed and efficiency simultaneously. I also appreciate the ease of reading and preparing reports that help us understand threats quickly, which reduces wasted time on reviewing false alarms and focuses our efforts only on real threats. **What do you dislike about Red Canary?** Some see the price as slightly high, and it needs to integrate with many other systems. **What problems is Red Canary solving and how is that benefiting you?** Red Canary helps me quickly and accurately detect threats, reducing false alarms and allowing me to focus on real threats, in addition to the ease of reading reports to quickly understand the threats. ### 3. Red Canary Delivers Actionable Alerts and Faster Response **Rating:** 5.0/5.0 stars **Reviewed by:** Ahmad O. | Security Design and Estimation Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** April 23, 2026 **What do you like best about Red Canary?** It reduces the burden on internal security teams by handling alert monitoring, investigation, and validation, while providing clear and actionable findings instead of noise. This helps improve response speed and overall security confidence. **What do you dislike about Red Canary?** One downside of Red Canary is that it can feel less flexible for advanced customization compared to building an in-house SOC. Some users may also find it limited in deep visibility or control over certain investigations since it’s a managed service. **What problems is Red Canary solving and how is that benefiting you?** Red Canary solves problems like alert overload, lack of skilled SOC resources, and slow threat detection and investigation. ### 4. Easy Onboarding and Excellent Support with Red Canary **Rating:** 4.0/5.0 stars **Reviewed by:** Kris F. | Datacenter Administrato, Enterprise (> 1000 emp.) **Reviewed Date:** October 14, 2025 **What do you like best about Red Canary?** Getting started with Red Canary was relatively simple and straightforward. Working with the Red Canary team has been an overall positive experience and the customer service has been outstanding. Though we are still learning product, and refining our internal response processes, we are still gaining valuable insight on the alerts that are published. The information is compiled from the alerting sources is easy to access and helps us from having to traverse multiple consoles and dashboards. The new 'investigations' link, provided in the Threat portal takes us directly to the 'inner workings' of the Red Canary 'magic'. So far, we are pleased with the Red Canary team and their product. It's an improvement from the solution from which we migrated. **What do you dislike about Red Canary?** Navigation does take some getting used to. We would like to see FreshDesk support, in the future. **What problems is Red Canary solving and how is that benefiting you?** No ongoing issues at the moment. ### 5. Red Canary Gives Peace of Mind and Streamlines Incident Response **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Higher Education | Mid-Market (51-1000 emp.) **Reviewed Date:** October 31, 2025 **What do you like best about Red Canary?** I sleep better at night knowing the Red Canary team has our back. Before Red Canary, I would need to interrupt my day to perform investigations on alerts that came into my mailbox, that included after hours alerts that would take me away from my family and friends for hours at a time. With Red Canary, they now take that off my plate and I trust fully in their investigations, analytics, and alert categorization. The configuration of playbooks and integrations into our platforms, allows automation of activity that I would have had to do manually through several different platforms and innumerous clicks. Red Canary has simplified and made more efficient response times in addressing incidents, even in some cases, retroactively analyzing telemetry that was initially not viewed as a threat, but found later to be something to worry about. The platform is easy to navigate, the implementation team was knowledgeable, I'm in the dashboard every day to see what's new on their feed and to see how they've protected our environment. On the rare occasion I need to reach out to support, they are responsive, professional, and knowledgeable to find me a solution. I am whole heartedly thankful that we invested in Red Canary! **What do you dislike about Red Canary?** It's hard for me to find a dislike about Red Canary, I've used the service for about 12 months and any negatives I've encountered in their service is addressed by my account team or customer support. **What problems is Red Canary solving and how is that benefiting you?** We are required to have 24/7 monitoring, which is difficult for a small staff that likes to sleep at night and spend time with their family after hours. Red Canary has helped us address threats after hours, have alerted us on potential threats that we should be concerned about, and keeps us up to date on the latest threats that could impact our environment. ### 6. Excellent MDR, Transparent Sales Process, Minor Support and Alert Delays **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Insurance | Enterprise (> 1000 emp.) **Reviewed Date:** October 15, 2025 **What do you like best about Red Canary?** Overall, this is a very good MDR solution. Communication about their roadmap, internal processes, and threat intelligence is clear and informative. Their blog is also excellent, providing valuable information. A few points stand out to me: The initial sales and POC process was handled very professionally, they were transparent about any issues or unknowns and never tried to hide anything. The setup and rollout were seamless and straightforward. Integrations are simple to manage. I appreciate being able to view some of the detection logic, which is extremely helpful when troubleshooting or checking if a specific detection exists. Automation is both easy to configure and highly customizable. Although we no longer use it, the Red Canary Linux agent performed very well, with minimal overhead and solid telemetry, though I do wish there had been more visibility into that telemetry. **What do you dislike about Red Canary?** 1. Sometimes the level 1 support has been underwhelming, but it has been rare. 2. Sometimes the time to raise an alert takes longer than expected. Not common, but has occurred more than once. 3. Not able to create custom detections (at least I am not aware of that functionality). **What problems is Red Canary solving and how is that benefiting you?** An excellent MDR augmenting our SOC at all levels, as well as providing their own detections and threat intelligence. ### 7. Fantastic company to work with, especially for organizations with smaller Security Teams **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Legal Services | Mid-Market (51-1000 emp.) **Reviewed Date:** January 14, 2025 **What do you like best about Red Canary?** The ease of mind I get from knowing an expert will be available 24/7 to respond to critical alerts, and provide low-level expertise during an incident. **What do you dislike about Red Canary?** Unable to fully integrate with our suite of tools in CrowdStrike, particularly the CrowdStrike Identity Protection. **What problems is Red Canary solving and how is that benefiting you?** Red Canary(RC) is allowing us to ingest EDR telemetry into their platform, and create runbooks for certain scenarios, automatically kicking off segregation and remediation steps for the afflicted devices, and does so 24/7. As we do not have a large security team, being able to reliably have someone available during off hours, is a major component and have had multiple experiences where having just that, has allowed us to stay ahead of attack attempts. Not only do the runbooks kick off automatically, RC also assigns an analyst to the case, so they can perform an in depth review of the event, and personally assists us in ensuring that all points of concern are properly addressed and also gives us confirmation after our own reviews to ensure everything has been taken care of. ### 8. Exceptional Partner, But Detection Gaps During Pen Tests **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Insurance | Enterprise (> 1000 emp.) **Reviewed Date:** October 31, 2025 **What do you like best about Red Canary?** The IR team and detection engineers here are truly outstanding, and it's always a pleasure to collaborate with them. The implementation of Red Canary was very easy and their onboarding team was great to work with. **What do you dislike about Red Canary?** Over the past few years, we've undergone several external penetration tests, and during these assessments, Red Canary was not able to identify the malicious activity while the tests were ongoing. Also, they do not have any sort of alert ingestion integrations with Splunk or other SIEM platforms, and we needed to rely on custom API scripts to ingest alerts into our SIEM. **What problems is Red Canary solving and how is that benefiting you?** Red Canary serves as our 24/7 SOC analyst, monitoring our systems during off hours. In addition, Red Canary acts as an extra layer of oversight, working alongside our internal SOC team to enhance our security monitoring. ### 9. Red Canary has every one of your sides **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Mid-Market (51-1000 emp.) **Reviewed Date:** August 27, 2025 **What do you like best about Red Canary?** Red Canary's support and threat experts are true experts in their field. They work hard and provide a deep technical analysis related to any finding and will even provide input for a non-finding if you ask. Ifs like the team really loves to chat with their customers so they can talk security shop and provide any actionable intel. The best thing is that they will go outside of their lane and provide guidance if you have security questions related to best practices or technical points on how to work through an event. They will also let you know if they are not able to provide clean guidance but can still provide a direction to help you. **What do you dislike about Red Canary?** You may get a specific recommendation that you may not be able to perform, or their feedback is they are not able to assist because you are not subscribed to a specific service. **What problems is Red Canary solving and how is that benefiting you?** Their security team is an extension of our SOC. We have a group of experts that we know we can lean into to ask anything related to the even or asking regards to other security questions. This allows our lean team to move on to other more pressing matter and projects, ### 10. Excellent Documentation and Support, but Needs Better Automation for Re-activating Devices **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Hospital & Health Care | Enterprise (> 1000 emp.) **Reviewed Date:** October 17, 2025 **What do you like best about Red Canary?** The documentation for this tool is excellent. Whenever I have a question, I can almost always find the answer there. On the rare occasions when the documentation doesn't cover my issue, the support team is fantastic. They respond quickly and are always very helpful. **What do you dislike about Red Canary?** I wish Red Canary would allow customers to create a playbook for automating the re-activation of decommissioned computers that reappear on the network, rather than having to handle each one individually. The current process is very time-consuming. **What problems is Red Canary solving and how is that benefiting you?** Red Canary responds rapidly to potential issues, promptly notifying us whenever there is a concern with an account, system, or a user's login location. This helps ensure that we do not overlook anything important, even when we are monitoring things on our own. ### 11. Two years with Red Canary **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** January 14, 2025 **What do you like best about Red Canary?** Very satisfied with Red Canary's service and dedication to cybersecurity. Their proactive approach and advanced threat detection capabilities have significantly enhanced our organization's security posture. The team's expertise and responsiveness are truly amazing, we feel confident and well-protected. Red Canary's commitment to continuous improvement and customer satisfaction is evident in every interaction. **What do you dislike about Red Canary?** It's not so much dislike but sometimes there is a high volume of alearts and it can be a little overwhelming since our team is very small, but I also understand they are necessary. **What problems is Red Canary solving and how is that benefiting you?** Threat detection and response which helps us monitor our environment by detecting and responding to threats. Enhances visibility which it helps us address vulnerabilities more effectively ### 12. Red Canary is Top Tier **Rating:** 5.0/5.0 stars **Reviewed by:** Andrew S. | Senior Systems Administrator, Enterprise (> 1000 emp.) **Reviewed Date:** May 06, 2025 **What do you like best about Red Canary?** Implementation, ease of use, and customer support are 3 of the main things that Red Canary goes above and beyond with. In the tech industry we've all experienced very unhelpful support, and when it comes to our security posture it's allows us to "set and forget" a lot of the triggers that we see on a daily basis. Their team has been instrumental in steering us towards success, whether it's monthly meetings, actual malicious triggers, or just to chat about upcoming security changes. **What do you dislike about Red Canary?** We have yet to see many downsides, at all, when it comes to using Red Canary. With any security software, it will be quite overwhelming if you're just getting your feet wet for the first time, but their team of experts makes it very easy for your worries to subside. **What problems is Red Canary solving and how is that benefiting you?** Having a MDR allows us to focus ourselves on things outside of our security posture. We are a small, but mighty, team so we need all the help we can get. Red Canary allows us to set and forget a lot of our triggers, as well as remediating them and doing the leg work before we're aware of what's going on. ### 13. Great Experience Overall **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** July 07, 2025 **What do you like best about Red Canary?** Red Canary provides timely alerts with rich contextual information, which significantly accelerates my ability to triage and respond to security incidents. The quality of the alerting is excellent, with very low false positive escalation rates, saving me valuable time and reducing alert fatigue. I also appreciate the platform’s automation capabilities, which allow for streamlined and automated incident response workflows, making it easier to contain and remediate threats efficiently. **What do you dislike about Red Canary?** I have not encountered any major downsides so far. **What problems is Red Canary solving and how is that benefiting you?** Red Canary is solving the challenge of providing comprehensive, around-the-clock security monitoring and threat detection without requiring a large internal SOC team. With Red Canary’s managed detection and response, we’re able to maintain 24/7 coverage and quickly identify important security events, even with a small team. This allows us to confidently focus on other operational priorities, knowing that critical threats will be surfaced promptly and with actionable context. As a result, we can shift our attention back to security response only when it truly matters, improving both our efficiency and our security posture. ### 14. Innovative Platform with a Fantastic Team **Rating:** 4.5/5.0 stars **Reviewed by:** Nyír V. | Director of Information Security, Enterprise (> 1000 emp.) **Reviewed Date:** October 28, 2025 **What do you like best about Red Canary?** Great team, platform, and innovations; I love how they are developing new features, integrations, and listen to client feedback. **What do you dislike about Red Canary?** Nothing comes to mind; entirely possible that the few tiny things that would help me with yearly or quarterly administrative tasks (licensing true-up) are in place and I just need to go look myself. **What problems is Red Canary solving and how is that benefiting you?** Very nearly a desired single pane of glass for our security stack, which is hugely beneficial to a small and elastic security team. ### 15. Red Canary and Patagonia **Rating:** 5.0/5.0 stars **Reviewed by:** Charles C. | Global Cybersecurity Team Lead, Enterprise (> 1000 emp.) **Reviewed Date:** January 06, 2025 **What do you like best about Red Canary?** Red Canary has provided our team with a quite a few features that has helped our small team focus on larger adminstration activities needing attention. The implementation and easy integration to our existing applications saved tremendous time in getting things up and running without delay helping the team immediately. As a tool we use and reference daily this was critical and any issue we have come across the support of their team has been nothing short of top tier. I cannot recommend Red Canary enough. **What do you dislike about Red Canary?** I dont have much to say in regards to what we dislike about the Red Canary product. If i had to pick something it would be id like to see more integrations available but those are always being added. Any issue we have ever had has been quickly addressed by their team. **What problems is Red Canary solving and how is that benefiting you?** Red Canary is helping us by being an extension of our security team in handling alerts as they come in. Essentially opening up our team to allow us to be more proactive in our work. ### 16. Promising first several months using Red Canary **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** January 08, 2025 **What do you like best about Red Canary?** Red Canary first and foremost has reduced the amount of noise we were getting from our various log sources in our SIEM. Set up relatively seamless. Every staff member at Red Canary we have worked with has been a pleasure to work with and has been transparent. I am in the console every day looking at threats, alert, and other data being collected. Red Canary has fit well within our team workflows. **What do you dislike about Red Canary?** I wish the integrations beyond Crowdstrike were a bit more robust and greater in number. Red Canary is perhaps too reliant on Crowstrike and less on our other sources which are important (Cloud, Identity Email, etc.). We also find that Red Canary detections could be more proactive. **What problems is Red Canary solving and how is that benefiting you?** Red Canary helps us identitfy threats in our environment in an efficient manner, wasting less time on false positive detections than we had in the past. It also does a good job of identifying areas within our environment that need fixing/remediaiton. ### 17. Red Canary fills the gap as an extension of our security team. **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Banking | Mid-Market (51-1000 emp.) **Reviewed Date:** May 06, 2025 **What do you like best about Red Canary?** Our partnership with Red Canary is very much a mutual one. They act as part of our security to help us identify ways we can further use their product, while bringing our questions/concerns to those in decision-making positions. They have proven that their system of automated detection, AI-based analysis, and human eyes for confirmation and final analysis has provided value-add on top of what we receive from our enterprise EDR. They don't exist to check off the baseline of security, they are experts and fanatics in caring about the details. Their focus on the Mitre ATT&CK framework and automation are highly valuable. In regards to our integrations, they really quiet the noise and bring attention to the alerts that truly need our eyes to review. **What do you dislike about Red Canary?** In our experience, some of their integrations have been slow-to-market, and require support to work out some bugs. **What problems is Red Canary solving and how is that benefiting you?** Red Canary doesn't just automate actions on alerts received from our EDR, they also take action on other logs that our EDR may have missed. They also provide the capability for automated workflows, which is essential for containment, especially after-hours. Additionally, I appreciate that human eyes go in front of every threat before it is classified; we can have expert analysis of alerts without having the expertise ourselves. This is crucial for a small company like ours. ### 18. MDR service with strong focus on detection engineering for endpoints **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Investment Management | Mid-Market (51-1000 emp.) **Reviewed Date:** January 15, 2025 **What do you like best about Red Canary?** Red Canary is very focused on writing detections and applying them to the telemetry from your environment. They are less concerned about alerts that pop-up from the rest of your detection stack. The other alerts are in the RC portal for context and can be acted upon, mostly by the customer. For EDR the integration is pretty straightforward through API. Their customer support is very good and personal. **What do you dislike about Red Canary?** Red Canary seems very focused on cybercrime and commodity threats, perhaps a bit less on the APT and state-sponsored attackers. This may or may not fit your organization's risk profile. We have also had issues with roadmap promises and new integrations, where time estimates seems to have been overly optimistic in the beginning. **What problems is Red Canary solving and how is that benefiting you?** Red Cananry auguments our detection stack with Red Canary written detections. This gives us better detection capabilites with little overhead and management. They are also first responders 24/7. ### 19. Great! **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** May 30, 2024 **What do you like best about Red Canary?** They are quick with their response time and do everything they can to help resolve your issues. **What do you dislike about Red Canary?** I have not experienced any downsides with Red Canary yet. **What problems is Red Canary solving and how is that benefiting you?** Red Canary has been instrumental in identifying a significant amount of riskware on our endpoints. Additionally, their identity monitoring is impressive, as they promptly alert us to any unusual login activity. ### 20. Quick, Easy, and Supported by an Excellent Team **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Mid-Market (51-1000 emp.) **Reviewed Date:** October 28, 2025 **What do you like best about Red Canary?** Red Canary is quick and easy to work with. They have excellent people working for them that greatly assist with triage of alerts. **What do you dislike about Red Canary?** Identity threats can throw a lot of alerts that Red Canary folks can't act on. **What problems is Red Canary solving and how is that benefiting you?** Red Canary is helping to scrub through all of our alerts to help identify security threats. ### 21. Red Canary Review **Rating:** 5.0/5.0 stars **Reviewed by:** Josh V. | Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 13, 2025 **What do you like best about Red Canary?** Red Canary allows our team to have 24/7 monitoring of alerts and threats without having to staff our team for after hours monitoring. We have playbooks configured to take actions for after hours alerts/threats to automated the handling of incidents. **What do you dislike about Red Canary?** The one improvement I would like to see from Red Canary is the ability to trigger playbooks manually if needed while reviewing an incident. There are few use cases where this is necessary, but would be a huge benefit in when the scenario comes up. **What problems is Red Canary solving and how is that benefiting you?** Red Canary allows our team to have 24/7 monitoring of alerts and threats without having to staff our team for after hours monitoring. We have playbooks configured to take actions for after hours alerts/threats to automated the handling of incidents. Red Canary analysts review alerts before escalting to our review, cutting down on the number of total alerts and false positives that must be investigated by our team. The ability to create playbooks for certain threat types allows for consistent incident handling. I also appreaciate that Red Canary is always updating their detectors to identify the newest techniques that are being used ensuring that new attacks will also be caught. ### 22. My RC Customer Support Team Rocks!!! **Rating:** 5.0/5.0 stars **Reviewed by:** James L. | Senior Information Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** January 07, 2025 **What do you like best about Red Canary?** Almost no false positives, the fact that you have expects making new analytics to detect malicious activity and quickly adding those detections into our consoles. However, our support team is amazing. I love Steve McReynolds and Susannah Howard-Spink has been really awesome too! They have made the user experience enjoyable and integrations/updates to our instance seamless. Thank you!! **What do you dislike about Red Canary?** I wish I actually had something constructive to add here, y'all just rock it so hard... i guess don't lose sight of your original mission as the business grows, keeping the same amount of investments that are made today in your support teams, your intel teams, and even the team that does all the external facing blogs (which I love to read). I know the bottom line and showing year over year profits are what is necessary from a business perspective, but I guess I hope that the spirit of Red Canary doesn't die with that growth. **What problems is Red Canary solving and how is that benefiting you?** 24/7 'eyes on glass' and a sense of additional protection that we didn't feel was there with just carbonblack running on systems. ### 23. Red Canary Saves the Day **Rating:** 5.0/5.0 stars **Reviewed by:** Kim S. | Director of IT, Enterprise (> 1000 emp.) **Reviewed Date:** January 15, 2025 **What do you like best about Red Canary?** Red Canary's playbooks automate immediate actions to protect us. I appreciate the timely alerts, Red Canary always sends us alert before any other monitoring system we employ. The knowledge of the analysts is impeccable and unmatched in the field. Understanding, investigating and teaching our on-prem team is so valuable and has saved us several times and allowed us to shutdown attacks as they begin to happen. Awesome team and reporting systems! **What do you dislike about Red Canary?** Nothing I can think of. SOmetimes responding to threats has required that we ask questions and learn more about what is proposed and the affects of approving or denying actions./ **What problems is Red Canary solving and how is that benefiting you?** Red Canary alerts us as soon as suspicious behavior is detected and the shear number of playbooks they have is incredible. Threats are shutdown quickly and allow our feedback on the behaviors, endpoints and software to make alerting more actionable and useable within our organization. ### 24. Great core product **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Insurance | Enterprise (> 1000 emp.) **Reviewed Date:** June 04, 2025 **What do you like best about Red Canary?** Red Canary excels at ingesting and correlating telemetry and alerts from our Microsoft Defender suite, combining and deconflicting that data into a single, cohesive threat narrative for a given machine or activity. This correlation capability provides a clearer picture of threats than we get from our other tools and can reduce the time our analysts spend on manual investigation. The platform itself is intuitive and well-designed, making it easy to navigate and use. Additionally, the customer support has been excellent—particularly Annalise and Matthew, who have been responsive and helpful, with Matthew providing deep technical assistance on integrations and automation. Overall, Red Canary adds meaningful value to our security operations. **What do you dislike about Red Canary?** While Red Canary offers strong automation capabilities, there are some limitations that impact our ability to fully leverage the platform. One of the main issues is the inconsistency between the GUI, automation platform, and API. For example, when closing out threats, the options available in the automation platform differ from those in the GUI and API—such as missing specific closure reasons like "Internal testing." Additionally, the automation platform only supports "AND" logic in trigger conditions, which makes it difficult to build flexible workflows that share common traits but differ in just one condition. These limitations force us to rely on custom scripts and direct API calls to achieve the functionality we need, rather than managing everything within Red Canary itself. **What problems is Red Canary solving and how is that benefiting you?** As the lead of our Breach and Attack Simulation (BAS) Team, my use of Red Canary differs from that of our SOC analysts. I simulate attacks against our network and assets using AttackIQ, and Red Canary plays a critical role in helping me identify and track this activity across our environment. It excels at correlating AttackIQ-generated telemetry with the correct target assets and associated alerts in Microsoft Defender, which is something we struggle to do effectively with other tools. This correlation allows us to validate detection coverage and response workflows more accurately. Additionally, we leverage Red Canary’s automation capabilities to ensure that our simulations don’t overwhelm the SOC or disrupt normal security operations, helping us maintain operational efficiency while testing our defenses. ### 25. Red Canary’s team continuously monitors your environment **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Business Supplies and Equipment | Small-Business (50 or fewer emp.) **Reviewed Date:** July 07, 2025 **What do you like best about Red Canary?** Threat Intelligence & Behavioral Analytics Powered by thousands of analytics and deep threat research (mapping to MITRE ATT&CK), Red Canary delivers data-driven, intelligence-led operations **What do you dislike about Red Canary?** Would you like to dive deeper into any component—such as their threat intelligence engine, MDR SOC workflows, or integration specifics? **What problems is Red Canary solving and how is that benefiting you?** Readiness Exercises & Training On-demand and facilitated tabletop exercises using real-world TTPs (e.g., from Scattered Spider), atomic tests, and attack simulations improve incident-response readiness continuously sales.superagi.com +4 redcanary.com +4 redcanary.com +4 . Automation & SOAR Capabilities Red Canary offers automated, customizable playbooks that accelerate response time and reduce operator workload ### 26. Satisfied Customer! **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Hospital & Health Care | Enterprise (> 1000 emp.) **Reviewed Date:** May 30, 2025 **What do you like best about Red Canary?** I provide cyber support for a healthcare organization. There are times where I need additional support whether it be in investigating an alert from our EDR or a technical question regarding the Red Canary web portal. Red Canary is quick to answer my questions and address any concerns I may have. **What do you dislike about Red Canary?** I would like additional features when it comes to Threats that are published by Red Canary. For example, If I remediate a Threat by adding an end user to be allowed to use a specific application and later would like to revert those changes. I need to submit a ticket to Red Canary to have the user removed. **What problems is Red Canary solving and how is that benefiting you?** Red Canary is receiving our telemetry from various sources and is able to correlate multiple events to formulate a Threat. These Threats are often not seen by our internal Cyber security tools. This is beneficial in identifying advance threats. ### 27. Red Canary is Awesome! **Rating:** 5.0/5.0 stars **Reviewed by:** Victor B. | Security Analyst II, Enterprise (> 1000 emp.) **Reviewed Date:** January 13, 2025 **What do you like best about Red Canary?** Very easy to use. User friendly UI. Everybody has been extremely helpful for our company since the very beginning. I use it every day and never had any issues. We were able to hit the ground running from the very first day of implentation. **What do you dislike about Red Canary?** Do not have any complaints about Red Canary. Had some issues with hunters not putting comments for certain threats but that was immediately fixed and the comments are now great. **What problems is Red Canary solving and how is that benefiting you?** Solving all of the threats our company may deal with when Analysts are out of office. Providing a second set of eyes on threats so we can double check everything. ### 28. What Red Canary has done for me. **Rating:** 5.0/5.0 stars **Reviewed by:** Cameron C. | I.T. Manager, Enterprise (> 1000 emp.) **Reviewed Date:** January 08, 2025 **What do you like best about Red Canary?** I have not had an issue that the team couldn't help me complete with the most friendly and engaging attitude. The GUI in intuitive and simple. Implementation was a breeze with their team and I couldn't have asked for a better process. I am in this system daily checking news and gaining oversight into my proccesses. The intergrations have been simple and straight forward. The connections to Azure, O365 and the identity have given me a real peice of mind and the ability to finally get some sleep at night. **What do you dislike about Red Canary?** I can't think of a single negative thing to say about RC. **What problems is Red Canary solving and how is that benefiting you?** Peice of mind and sleep at night is the largest benefit. As we traversed through this massive Microsoft world in 2024 we didn't realize how blind we were until we hired them on. ### 29. Red Canary Is Amaizing **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Entertainment | Enterprise (> 1000 emp.) **Reviewed Date:** May 08, 2025 **What do you like best about Red Canary?** I really love how the timeline makes investigating threats so much easier. It becomes very obvious what do when a threat is doing something very malicious in your environment and it allows for immediate action. **What do you dislike about Red Canary?** Since Red Canary is an MDR solution, it relies on data from endpoint detection tools like CrowdStrike to generate its alerts. One improvement I’d like to see is better suppression of redundant alerts. For example, if CrowdStrike already detects and blocks an unwanted application or process, it would be ideal if Red Canary could recognize that the threat was contained and avoid triggering a separate alert for the same event. This would help reduce alert fatigue and streamline the response process. Aside from that Red Canary is my favorite MDR solution. **What problems is Red Canary solving and how is that benefiting you?** Red Canary makes investigating threats a lot easier. It saves me so much time by breaking down what happened and giving me the key details upfront, so I’m not stuck piecing everything together from scratch. ### 30. Very Easy to Implement, Reliable and Secured **Rating:** 4.5/5.0 stars **Reviewed by:** Jose R. | Associate Director of IT, Small-Business (50 or fewer emp.) **Reviewed Date:** May 12, 2025 **What do you like best about Red Canary?** Implementation in our endpoints was very fast and easy. We get 24/7 MDR protection and the playbook setup process is very intuitive and very manageable. Customer support is reliable and we hardly get false positives, which helps tremendously. Overall, a very solid product. **What do you dislike about Red Canary?** So far, I haven't had any issues with Red Canary. Adding it to Macbooks was slightly different, but that understandable given the different OS. **What problems is Red Canary solving and how is that benefiting you?** Protection of our network and endpoints. ### 31. Security Advancement & Hardening **Rating:** 4.5/5.0 stars **Reviewed by:** Michael T. | Cloud Operation Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 01, 2025 **What do you like best about Red Canary?** A deep of security analytic and ingest into every endpoint activity for best hunt and investigation. **What do you dislike about Red Canary?** Currently experience intermittent alert or notification issue working with Red Canary support due to global sms/governance regulations issue. It's great if there is multiplatform especially on the alert notification which is very critical and important as to acknowledge for a high severity threat to be exploit. **What problems is Red Canary solving and how is that benefiting you?** Security measurement especially threat on pre-breaking stages to be "determine" and prevention. ### 32. Very good support and value **Rating:** 5.0/5.0 stars **Reviewed by:** Eduardo C. | Senior Infosec Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** January 07, 2025 **What do you like best about Red Canary?** I love that it provides actionable alerts and intelligence. The account team is very good and super helpful with any questions we have with the Red Canary tool or our EDR tool. They sometimes provide better support for our EDR tool then our EDR vendor. There are very few false positives so when we see a High severity alert we can be sure it is something we need to take action on right away. **What do you dislike about Red Canary?** They are MDR and not an MSS which is not a bad thing but it would be good for them to have those types of services. **What problems is Red Canary solving and how is that benefiting you?** Solving problems where our EDR tools are very noisy with many false positives. With Red Canary we can rest knowing our environment is being monitored by experts. ### 33. Effective and reliable MDR service provider, a partner you can trust **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Legal Services | Enterprise (> 1000 emp.) **Reviewed Date:** February 03, 2025 **What do you like best about Red Canary?** Red Canary is quick and effective at detecting genuine threats and executing your automations to contain the threat. We have been using Red Canary for a few years and have found comfort in their reliable and timely 24x7 detections. They often publish intelligence reports that helps reassure us they're on top of threat actors and attack trends. When we ask about detection coverage for a current or emerging threat actor and their TTPs, they're already on top of it. We've swapped EDR tools and with the Red Canary team's help, it was a seamless transition with no downtime or lapse in detection coverage. Their threat hunting and engineering team is readily accessible and our account manager Matt Tauaese has been very proactive and engaged in helping make sure we get the most out of our service. **What do you dislike about Red Canary?** Their services are gradually becoming more expensive and its harder toignore their competition which are providing a full service offering a fully managed SOC offering at lower costs. Red Canary remains a top pick for MDR, but as organisations find the need to consolidate tools and optimise processes, their narrow offering may be a disadvantage in future. **What problems is Red Canary solving and how is that benefiting you?** We needed 24x7 monitoring of our Endpoint Detection & Response tool, detection engineering capabilities backed by reliable and accurate threat intelligence, and effective automations to rapidly contain threats and minimise collateral damage. Red Canary has been able to provide us with this service and comfort over the past few years that we've been a customer. With their MDR service, we can refocus our team on other prioirities. ### 34. Great Overall, But Monthly Check-Ins Are Too Frequent **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Higher Education | Mid-Market (51-1000 emp.) **Reviewed Date:** October 14, 2025 **What do you like best about Red Canary?** Playbooks to notify or act upon certain conditions. **What do you dislike about Red Canary?** Monthly touching base. Every other month would be better. **What problems is Red Canary solving and how is that benefiting you?** Providing 24/7 monitoring of our EDR environment. ### 35. red canary experirence **Rating:** 2.5/5.0 stars **Reviewed by:** Verified User in Non-Profit Organization Management | Enterprise (> 1000 emp.) **Reviewed Date:** January 22, 2025 **What do you like best about Red Canary?** It provides visibility and valuable alerting on our various workloads, especially the cloud. It covers cloud security alerts extensively and empowers end users to create their own automation. **What do you dislike about Red Canary?** I used to like the way they helped with investigations. Now, I am being told our MSP doesn't have access. If there is an access issue, this should have been brought to our attention immediately. And we never get any Defender for endpoint alerts. When we followed up, they stated those alerts were just being closed and resolved without evidence. **What problems is Red Canary solving and how is that benefiting you?** visibility and and single view and alerting for our workloads. 24/7 protection and response ### 36. Experience has been great for the most part, the software works well. **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Transportation/Trucking/Railroad | Mid-Market (51-1000 emp.) **Reviewed Date:** January 23, 2025 **What do you like best about Red Canary?** Red Canary is great it allows you to setup playbooks for difference scenarios and determine what actions will be taken. I cant speak about the setup process as I inherited the system a year after it was put in. The quaterly catch up calls are helpful to review whats going on in the environemnt. Software is relativley easy to use and manage. If you run into problems you just reach out to support and its usually pretty quickly resolved. Support is spot on when dealing with a situation. Setting computers to have no access is also super helpful for when a user does something like clicking on random emails that turn out to be harmful. **What do you dislike about Red Canary?** We have had 4-5 different account reps in 3 years. Some have been fantastic and some well less than subpar. **What problems is Red Canary solving and how is that benefiting you?** The software is helping protect users against the mistales that users make. Examples would be reandomly clicking on any old installer and then finding out they just installed malware, spyware or worse. Red Canary does a good job of catching software that is malicious. ### 37. Red Canary is a great choice for an external SOC **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Electrical/Electronic Manufacturing | Mid-Market (51-1000 emp.) **Reviewed Date:** May 06, 2025 **What do you like best about Red Canary?** Fast and easy onboarding process. Great platform, that provides additional protection and insights for Microsoft customers. Competent and helpful threat hunting team, that also gives recommendations. **What do you dislike about Red Canary?** High license requirements (Microsoft), to get the most out of the product and service. Sometimes it's difficult to schedule meetings because we are located in the EU. The 24/7 protection is limited to high alerts outside of Red Canarys business ours. **What problems is Red Canary solving and how is that benefiting you?** For a small and young business, we greatly benefit from Red Canarys expertise. We can have a good nights sleep, knowing that Red Canary keeps us safe outside of our business hours. ### 38. Red Canary has been a lifesaver **Rating:** 5.0/5.0 stars **Reviewed by:** Scott B. | Security Operations Lead, Enterprise (> 1000 emp.) **Reviewed Date:** January 07, 2025 **What do you like best about Red Canary?** Red Canary provides a robust expertise to help monitor and protect your organization from cyber threats. They are very personable and quick to help act as part of your team rather than a separate entity. **What do you dislike about Red Canary?** The only downside about Red Canary, is they are a separate organization and sometimes don't have all of the tribal or internal knowledge of your organization that can be helpful with context during incident investigations. **What problems is Red Canary solving and how is that benefiting you?** Red Canary helps brings an expertise and manpower to our Information Security program. They help with security monitoring, incident investigation, and remediation. They help with 24x7 monitoring as well as brining heir expertise and knowledge of the threat landscape to help look for threats that other security tools may miss. ### 39. Security made easy! **Rating:** 5.0/5.0 stars **Reviewed by:** Charles M. | Information Technology Infrastructure Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** January 14, 2025 **What do you like best about Red Canary?** Working with Red Canary as your partner will greatly enhance your response and detection capabilities across your enterprise. The response time and automation is hands down the best that I have seen at any vendor. Teams are very engaging and have rescued our internal teams from banning legitimate process which would have crippled our environment. Their service pays for itself every single year and then some! **What do you dislike about Red Canary?** They don't do my laundry. I can't honestly provide much critical feedback on dislikes. They are not perfect, but they are transparent and knowledgeable in their field. Their organization faces the same challenges that you see everywhere. Account reps will be shuffled or will move on to other opportunities. It’s not as frequent but it does happen. **What problems is Red Canary solving and how is that benefiting you?** Automated threat intelligence and remediation. Having this capability allows me and my staff to sleep at night, knowing if something nefarious is detected in our environment, that we have the right team/products in place to mitigate. Many times without even waking us up! ### 40. Red Canary does its job which allows me to do mine. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Enterprise (> 1000 emp.) **Reviewed Date:** January 09, 2025 **What do you like best about Red Canary?** Incorporating Red Canary into our environment has been great. As a Linux admin, when a company says their product "works on Linux" I usually take it with a grain of salt. That is not the case with Red Canary. Red Canary was easy to implement including adding automations. Now that it's installed in our environment it just does its thing which frees us up to focus on supporting our clients. With previous solutions we'd spend hours investigating findings just to find out that most were false positives. Getting that time back has made our team much more efficient. **What do you dislike about Red Canary?** So far we have not had any issues using Red Canary. The only thing that could be considered an issue is that one of our admins runs Red Canary on his laptop. Since his laptop is regularly offline it constantly shows up in the daily status email. Being able to mark a system as not a server and not include it in the uncommunicative servers list would be nice. **What problems is Red Canary solving and how is that benefiting you?** Red Canary leveraging its expertise to review findings not only saves me time but gives me peace of mind. ### 41. Offers piece of mind and additional details we were missing before **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Paper & Forest Products | Enterprise (> 1000 emp.) **Reviewed Date:** January 06, 2025 **What do you like best about Red Canary?** The threat hunting team does a great job ensuring they are on top of emerging threats in our environment. I appreciate that Red Canary is EDR agnostic using that to all of their customers' advantage by ingesting data from all of the big EDR players. On boarding was super simple - just allowing a few requests into our Azure tenant and we were up and running. **What do you dislike about Red Canary?** We have found a few bugs with the GUI and API integration, but support is quick to get request escalated to development. APIs seem to be an ever changing beast at this point and I am glad Red Canary seems to be able to keep up with all of the changes forced by other vendors. **What problems is Red Canary solving and how is that benefiting you?** Red Canary allows SOC coverage while our staff are not in the office. They offer us 24 x 7 coverage and are essentially an extension of our internal team. The additional context added to alerts and threats allows us to get a quick glimpse into what is happening in the environment and quickly determine severity and course of action. ### 42. Overall good. **Rating:** 3.5/5.0 stars **Reviewed by:** Mike S. | Information Security Manager, VP, Mid-Market (51-1000 emp.) **Reviewed Date:** January 03, 2025 **What do you like best about Red Canary?** The Threat Hunting Team is excellent. Of the times I've reached out to them, they responded quickly and they provided good information and insight. I appreciate their recommendations and look for opportunities to reach out to them when we need assistance. The Technical Support Team is also excellent. They know their stuff and go the extra mile to provide essential information. I work with a lot of support teams and I am thankful for how well the RC team functions. That is rare in my experience. I never regret opening tickets for assistance. **What do you dislike about Red Canary?** There have been several instances where we expected RC to identify an issue and no alert was surfaced. Because of this, senior leadership feels, at times, that RC isn't the right partner for us. I think this is due to differences in methodology. RC has a set process, however in certain environments we have activity that for us would be considered unusual and requires follow up, but for RC it's not something that the team will alert on. I also think, that at times we looking for evidence that detections are functioning as described but this can be difficult to come by. Also, I think on the account rep side, there is a lack of training, such that when asked for clarification from our rep, those requests are either insufficiently responded to or outright ignored. It's my job as manager to ask questions and provide explanations to our leadership when there is an issue, I feel unsupported from the RC team in this fashion. I think the RC portal could be more useful. I know it's being improved but 2 years in, I still struggle to get useful information when I need it. **What problems is Red Canary solving and how is that benefiting you?** Obviously, we are using RC to monitor our environment. ### 43. Sleeping Better at Night **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Higher Education | Mid-Market (51-1000 emp.) **Reviewed Date:** January 13, 2025 **What do you like best about Red Canary?** As a Red Canary customer for five years now, I've consistently been impressed by the service and level of support. We're fortunate to rarely receive alerts (which is a testament to accurate threat identification); however, when we do, our trust in Red Canary's analysis drives my team to act quickly to review and resolve. I appreciate the company being customer-focused which is demonstrated through regular engagement and their continous innovation to stay competitive. **What do you dislike about Red Canary?** I've found Red Canary's support to be extremely proactive (e.g. alerting when an integration fails), responsive (e.g. promptly responding to cases), and dedicated (e.g. working to find additional information); however, it's occasionally difficult having the right SMEs available to answer technical questions. This was mostly an issue with complexities surrounding our Azure integration. **What problems is Red Canary solving and how is that benefiting you?** Holistic view of our environments for better threat detection and 24x7 coverage. ### 44. An excellent service for SMBs that cannot staff a SOC **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Consulting | Mid-Market (51-1000 emp.) **Reviewed Date:** May 28, 2025 **What do you like best about Red Canary?** Having a team of qualified security professionals watching your systems 24x7 is a great assurance. **What do you dislike about Red Canary?** It took some asking, but seems the SLA is two hours for evaluating an event that may be an incident. In practice, we have done much better, with some responses in under 3 minutes. **What problems is Red Canary solving and how is that benefiting you?** As an SMB, it is not cost effective to staff a SOC. Red Canary fulfills that requirement with their resources. ### 45. Red Canary: A simple assurance that helps the worried Cybersecurity talent sleep at night. **Rating:** 5.0/5.0 stars **Reviewed by:** Christopher B. | Information Technology Infrastructure Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** January 10, 2025 **What do you like best about Red Canary?** Red Canary is a breeze to set up! With help from the onboarding team, my team was able to configure our environment within a day. Immediately after setup, we could start monitoring through the pre-built integrations with most of our cybersecurity pain points. **What do you dislike about Red Canary?** We have not yet found anything negative to report. **What problems is Red Canary solving and how is that benefiting you?** Red Canary fills the void that our previous Managed Security Service Provider had. Even after 1 day of setting up our account, we felt relief, knowing that we had complete visibility into our cybersecurity stance and that there was a live team protecting our environment 24/7. ### 46. Great MDR solution - simple to use, easy to learn, very effective. **Rating:** 4.5/5.0 stars **Reviewed by:** Robert T. | Cybersecurity Manager, Enterprise (> 1000 emp.) **Reviewed Date:** May 14, 2025 **What do you like best about Red Canary?** Being able to sleep at night or go on vacation knowing someone or something is always watching. **What do you dislike about Red Canary?** Some of the Cortex XSIAM integration still needs to be fleshed out. **What problems is Red Canary solving and how is that benefiting you?** 24x7 coverage. ### 47. Extremely Knowledgable Company **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Manufacturing | Enterprise (> 1000 emp.) **Reviewed Date:** May 28, 2025 **What do you like best about Red Canary?** Integrated easily with all of the products we use. Has saved some time for our security team to work on other projects **What do you dislike about Red Canary?** We were not easily able to integrate AWS but we will get there. **What problems is Red Canary solving and how is that benefiting you?** Our previous SOC was not very helpful when it came to threats and such coming from Microsoft Defender and we are a large O365 Shop ### 48. Excellent MDR Service and Threat hunting **Rating:** 5.0/5.0 stars **Reviewed by:** Jeff G. | Chief Information Officer, Enterprise (> 1000 emp.) **Reviewed Date:** January 07, 2025 **What do you like best about Red Canary?** Red Canary has been a game-changer for us. Their active Threat Hunting is amazing. They incorporate AI into the Cyber threat detection and it has reduced the false positives. We are very pleased with their MDR services and how they handle our Cyber posture. They onboarding process was quick and painless. They had us up and running in less than a month. **What do you dislike about Red Canary?** We have only used Red Canary for a short period of time but I do not have any negatives to report on them. **What problems is Red Canary solving and how is that benefiting you?** We did not have a Cyber Security team. Red Canary is our Cyber Security team. They have performed well. The onboarding process was simple and smooth. They were able to find and remediate a few open issues that we had quickly. ### 49. CrossCountry Consulting - Security Compliance Analyst **Rating:** 5.0/5.0 stars **Reviewed by:** Keon B. | Security Compliance Analsyt, Enterprise (> 1000 emp.) **Reviewed Date:** January 14, 2025 **What do you like best about Red Canary?** I appreciate Red Canary's proactive approach to cybersecurity, their excellent customer support, and the comprehensive threat detection and response capabilities they offer. **What do you dislike about Red Canary?** There is currently nothing that I dislike about Red Canary at the current moment. **What problems is Red Canary solving and how is that benefiting you?** Red Canary is helping CrossCountry Consulting by securing our environment against cyber threats and data breaches. Their 24x7 service monitors all laptop and server activity to identify and quickly contain threats. This continuous detection and investigation coverage gives us confidence that our environment is protected at all times. ### 50. Effective Threat Detection and Response with Red Canary **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Oil & Energy | Enterprise (> 1000 emp.) **Reviewed Date:** December 31, 2024 **What do you like best about Red Canary?** What I really like about Red Canary is how easy it makes threat detection and response. It integrates smoothly with our existing tools and provides clear, actionable alerts that cut through the noise. Instead of drowning in false positives, we get meaningful insights backed by their team of experts. The dashboard is intuitive, and the reports are practical, which helps us stay on top of our security game without wasting time. **What do you dislike about Red Canary?** Higher end of the cost scale, lack of hard SLA's on response times. **What problems is Red Canary solving and how is that benefiting you?** Red Canary is helping us sort through the noise of alerts from our tools, identify actual incidents that need our attention, and assisting in responding ot those. This helps our staff focus on more high value projects that help move the business forward. ## Red Canary Discussions - [How does Red Canary work?](https://www.g2.com/discussions/how-does-red-canary-work) - 1 comment - [View Red Canary pricing details and edition comparison](https://www.g2.com/products/red-canary/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-17+04%3A34%3A53+-0500&secure%5Bsession_id%5D=8bf5bd4e-e571-4ca2-b43a-8bacebf7cab2&secure%5Btoken%5D=df27a68d6fbb63f5ed4ac24694d5cd8c7db4d02d18f882f2c64f390323941813&format=llm_user) ## Red Canary Integrations - [AWS CloudTrail](https://www.g2.com/products/aws-cloudtrail/reviews) - [Azure Portal](https://www.g2.com/products/azure-portal/reviews) - [Carbon+Alt+Delete](https://www.g2.com/products/carbon-alt-delete/reviews) - [Carbon Black Cloud](https://www.g2.com/products/carbon-black-cloud/reviews) - [Cisco Umbrella](https://www.g2.com/products/cisco-umbrella/reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - [Microsoft 365](https://www.g2.com/products/microsoft365/reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) - [Microsoft Defender for Endpoint](https://www.g2.com/products/microsoft-defender-for-endpoint/reviews) - [Microsoft Defender for Office 365](https://www.g2.com/products/microsoft-microsoft-defender-for-office-365/reviews) - [Microsoft Defender XDR](https://www.g2.com/products/microsoft-defender-xdr/reviews) - [Microsoft Entra ID](https://www.g2.com/products/microsoft-entra-id/reviews) - [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews) - [Okta](https://www.g2.com/products/okta/reviews) - [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews) - [Proofpoint Core Email Protection](https://www.g2.com/products/proofpoint-core-email-protection/reviews) - [SentinelOne Singularity Endpoint](https://www.g2.com/products/sentinelone-singularity-endpoint/reviews) ## Red Canary Features **Platform Features** - 24/7 support - Proactive report alerts - Application control - Proactive threat hunting - Rapid response time - Customizeable reports - Managed Services **Automation Capabilities** - Automated remediation - Automated investigation - AI Agents ## Top Red Canary Alternatives - [Arctic Wolf](https://www.g2.com/products/arctic-wolf/reviews) - 4.7/5.0 (275 reviews) - [Huntress Managed EDR](https://www.g2.com/products/huntress-managed-edr/reviews) - 4.9/5.0 (880 reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - 4.7/5.0 (374 reviews)