Red Canary and Palo Alto Networks expand partnership to improve detection coverage

Red Canary has unveiled a new integration with Palo Alto Networks, adding Cortex XDR and broadening its detection coverage for mutual customers.

This deepening of the partnership between the two companies builds on existing Red Canary integrations, including PAN-OS, Advanced Threat Prevention, and WildFire.

Red Canary analyzes petabytes of data every day, applying advanced analytics to volumes of alerts and raw telemetry to perform thousands of investigations. For mutual customers, Red Canary can now investigate Palo Alto Networks’ Cortex XDR detections from all Cortex XDR data sources, including network, endpoint, cloud, and third-party data, helping to provide enterprise-wide monitoring.

Cortex XDR’s Native IOCs and BIOC alert types are correlated with Red Canary’s detections across the IT environment to provide additional validation and context, all delivered in a unified timeline.

Cortex XDR offers various response actions that enables customers to investigate the endpoint and take immediate action to remediate it. Red Canary customers can now also use response actions to isolate an endpoint for faster remediation.

While many MDR offerings simply ingest alerts generated by endpoint security tools, Red Canary’s approach reduces false positives by up to 99% and increases the detection of confirmed threats.

“Red Canary provides MDR across our customers’ IT environments by analyzing data from leading security tools,” said Chris Rothe, CTO, Red Canary.

“Obviously, Palo Alto Networks is a fundamental part of many organizations’ security stack and we are very excited to integrate with Cortex XDR to provide more choice and better security for our customers,” Rothe added.

“The detailed endpoint telemetry generated by Cortex XDR enables outstanding scores in actual hands-on tests, such as MITRE Engenuity’s recent ATT&CK evaluation for Enterprise,” said Tom Barsi, Vice President of Worldwide Cortex Ecosystems, Palo Alto Networks.

“Red Canary’s ability to manage and analyze large volumes of endpoint, network, and other types of telemetry make them an ideal partner for solving customers’ most pressing security challenges. Together, we can help protect organizations from ransomware, phishing, and other modern threats,” Barsi continued.

Don't miss