Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybersecurity Funding

Security Operations Firm Red Canary Raises $34 Million

Denver, Co-based managed detection and response (MDR) firm Red Canary has raised $34 million in growth equity funding. 

Denver, Co-based managed detection and response (MDR) firm Red Canary has raised $34 million in growth equity funding. 

The funding round was led by equity growth investor Summit Partners and joined by existing investors Access Venture Partners and Noro-Moseley Partners. This brings the total funding raised by the firm to $48.9 million.

Red CanaryMDR aims to increase the speed of detection and response, consequently reducing the dwell time and the opportunity for bad actors to complete their purpose. To achieve this, the Red Canary platform ingests over 500 terabytes of telemetry per day for analysis by its own behavioral analytics technology and in-house team of analysts.

Founded in 2014 by Brian Beyer, Chris Rothe, and Keith McCammon, Red Canary has hundreds of customers ranging from Fortune 100 to 100-employee firms. “We are in the golden age of data in security,” comments CEO Beyer. “Security teams have more telemetry, tools, and budget than ever before but unfortunately, in many cases, this has not resulted in a meaningful improvement in security outcomes. We serve as a security ally for our customers, helping their teams get the most out of modern security technology, protect their valuable data and remain focused on the performance of their own business.”

To help automate the response side of MDR, the firm launched Exec in September 2018. This is especially useful for smaller firms with smaller security teams. It allows the easy generation of playbooks to automate immediate response to different alerts. For example, if malware is detected during the night dropping Mimikatz, much of the immediate risk can be mitigated automatically: the endpoint can be isolated, the malicious software can be banned, the on-call engineer can be contacted via phone, and the broader team could be informed via Slack.

Andy Collins, a Managing Director at Summit Partners who has joined Red Canary’s Board of Directors, points to the firm’s year-on-year ARR growth of more than 100%. “Across the security landscape, there is increased acknowledgement that a ‘status quo’ approach is inadequate,” he said. “Attackers bypass even the best security technology solutions on a daily basis. We believe Red Canary’s software-driven model delivers a uniquely high-quality, continuously improving service.” The new funding is earmarked for expanding Red Canary’s marketing reach to new customers.

Version 2 of Exec was launched in January 2019, with new features including support for forensics package collection, audit logging, and human as well as automated playbook control. 

Last month, Red Canary analyzed 10,000 confirmed threats from hundreds of its customers. It concluded that that PowerShell, scripting, Regsvr32, connection proxy, spearphishing attachments and masquerading are the most prevalent techniques, as described in MITRE’s Adversarial Tactics Techniques and Common Knowledge (ATT&CK) framework.

The firm maintains a relationship with MITRE ATT&CK by supporting the Atomic Red Team library of open source ‘micro tests’ mapped to the ATT@CK malicious techniques framework. The purpose is to allow security teams to test their defenses — without reliance on third-party testing organizations — against a wide range of different attacks.

Advertisement. Scroll to continue reading.

Related: Managed Security Services, a Mission and Service Evolution 

Related: Fidelis Cybersecurity Raises $25 Million 

Related: Testing Security Products: Third-Party Standards vs. In-House Testing 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Cyber Insurance

Cyberinsurance and protection firm Boxx Insurance raises $14.4 million in a Series B funding round led by Zurich Insurance.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.