Software Security

Red Canary and Palo Alto Networks expand collaboration to provide detection and response across security landscape

Red Canary | July 08, 2022

Red Canary, the Managed Detection and Response (MDR) trailblazer, has expanded its collaboration with industry leader Palo Alto Networks to help deliver on a bold vision: unifying threat investigation across a wide range of Palo Alto Networks products. To help achieve this goal, Red Canary is now a part of the Palo Alto Networks Cortex® MSSP partner program.

Today, Red Canary MDR supports Palo Alto Networks firewalls by integrating with PAN-OS version 9 and higher. This integration allows security alerts and event data generated by firewall appliances to feed into the Red Canary MDR platform for further investigation and remediation.

Red Canary is working with Palo Alto Networks as an MDR partner for the Cortex XDR product, which includes built-in endpoint protection. While many MDR offerings simply ingest alerts generated by endpoint security tools, Red Canary is working toward being able to ingest raw telemetry as well as alerts from the Cortex XDR endpoint agent. Red Canary anticipates this will allow it to reduce false positives by up to 99% and significantly increase the detection of confirmed threats compared to what endpoint security tools can identify on their own.

"The detailed endpoint telemetry generated by Cortex XDR enables leading scores in actual hands-on tests, such as MITRE's recent ATT&CK® evaluation," said Rick Caccia, SVP of Marketing for Palo Alto Networks. "Red Canary's ability to manage and analyze large volumes of endpoint, network, and other types of telemetry will make them an ideal partner for solving customers' most pressing security challenges. Together, we can help protect organizations from ransomware, phishing, and other modern threats."

To complete our vision of unifying threat investigation across the Palo Alto Networks product line, Red Canary is also developing integrations for Prisma® Cloud, Threat Prevention, and the WildFire Analysis Environment. Red Canary's MDR everywhere strategy allows events from Palo Alto Networks products to be combined with multi-vendor events in a unified timeline. To learn more, visit https://redcanary.com/cyber-threat-investigation/.

"Red Canary is meeting customer demand for security across the modern IT environment by integrating alert data from network, identity, and SaaS applications – all in a unified timeline. Our collaboration with Palo Alto Networks layers best-in-class managed detection and response across an industry-leading portfolio of cybersecurity solutions. The result is more choice and better security for our customers."

Chris Rothe, CTO, Red Canary

About Red Canary
Red Canary stops cyber threats no one else does so organizations can fearlessly pursue their missions. The company's managed detection and response (MDR) solution works across enterprise endpoints, cloud workloads, network, identities, and SaaS apps. Red Canary operates as a security ally for customers and partners by providing unlimited 24×7 support, deep threat expertise and hands-on remediation to prevent threats from turning into business-defining incidents.

Spotlight

Overcoming the challenges and complexities of building sovereignty as part of a multi-cloud strategy. 90% of companies in Europe and 88% in the Middle East, Turkey and Africa (META) now use cloud technology, which is an important building block for digital transformation. To the extent that


Related News

Web Security Tools

Laminar Launches Two New Solutions to Become First Full Data Security Platform for Multi-Cloud and SaaS Environments

Businesswire | July 13, 2023

Laminar, the leading agile data security platform provider, today announced new data access governance (DAG) and data detection and response (DDR) functions to its Laminar Data Security Platform, making it the first solution on the market to deliver complete identify, protect, detect, and respond capabilities for multi-cloud and SaaS data security. Laminar is now the only data security provider to integrate all critical data security functions – data landscape intelligence, data security posture management (DSPM), DAG, DDR, and privacy and compliance – in a single, integrated platform.

Data security and governance professionals need agile data security solutions that automatically scale with the business to combat the growing divergence between the dynamic and ever-growing activities that contribute to innovation while also fighting the lagging data security efforts intended to protect the business — that are becoming increasingly insufficient.

The foundation of agile data security begins with cloud-native data discovery and classification which detects all known and unknown, or “shadow,” data to help organizations understand what data resides where, how sensitive the data is, and who or what has access to it. With this context, security posture can be assessed and appropriately enforced. From there, it's critical to have the ability to continually monitor and protect against emerging threats.

The addition of DAG and DDR to the Laminar Data Security Platform provides the following benefits to organizations:

Data Access Governance (DAG) reduces exposure and minimizes the blast radius from data leaks by controlling user and machine access to sensitive data and ensuring least privilege.

Data Detection and Response (DDR) alerts on data breaches and other anomalies as they occur to quickly contain any active threats and minimize the potential damage for businesses.

The new DAG and DDR services complement the following capabilities already existing in the Laminar Data Security Platform:

Data Landscape Intelligence: Provides a holistic view of asset and data inventory with contextual intelligence from autonomous discovery and classification of all known and unknown cloud data.

Data Security Posture Management (DSPM): Enforces policies and safeguards sensitive data with risk-based prioritization, enabling organizations to focus on what matters most.

Privacy & Compliance: Ensures data security practices align with regulations and standards to streamline audits, avoid fines and reduce audit costs.

Laminar is the only data security provider to now integrate all five elements of an agile platform architecture for a complete data security solution. This integrated design provides more accurate detection, comprehensively protects data, and streamlines remediation.

“Security-in-depth best practices have historically needed the ability to identify, protect, detect, and respond to threats. Cloud data security is no different,” said Amit Shaked, CEO and co-founder, Laminar. “Our new DAG and DDR features make our platform the reference model for achieving agile data security in the cloud. All five components work in conjunction to deliver a unified, streamlined experience.”

“Protecting data in the cloud requires different tools than are used to protect on-premises data, and organizations need a purpose-built cloud data security solution. Enterprise Strategy Group recommends organizations explore solutions like Laminar that provide a holistic approach to the entire process of securing data in the cloud and provide unified and integrated data security across multiple clouds,” said Jack Poller, Senior Analyst, Enterprise Strategy Group.

About Laminar

Laminar is the leading agile data security platform and provides organizations with the visibility and control they need to achieve data security, governance, and privacy in the cloud. Our cloud-native data security solution continuously discovers and classifies all cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Laminar connects to your multi-cloud environment including AWS, Azure, GCP, Snowflake, BigQuery and SaaS applications via APIs and is agentless, asynchronous, and completely autonomous.


Network Threat Detection, Platform Security, Software Security

Coro Acquires Network Security Startup Privatise

Businesswire | July 27, 2023

Coro, the modern cybersecurity platform for mid-market organizations, today announced the acquisition of Privatise, an Israeli supplier of network security solutions for in-office and remote work. The acquisition adds critical SASE capabilities to Coro’s all-in-one platform and is part of an aggressive growth strategy, fueled by Coro’s $155M funding over the last 12 months, to expand the capabilities of Coro’s cybersecurity platform both organically and through strategic acquisitions.

As the network edge continues to expand, Gartner predicts that by 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access using a SASE/SSE architecture. The challenge for mid-market organizations – who have lean IT teams, limited budgets and little to no cybersecurity expertise -- is managing the cost and complexity typically associated with SASE implementations.

With the Privatise acquisition, Coro now offers a single source of comprehensive security and protection -- all managed through a unified, cloud-based platform -- for any organizational configuration. Coro’s SASE solution includes military grade VPN, Secure RDP, ZTNA, Next Generation Firewall, DNS Filtering, and is fully integrated into Coro’s holistic security architecture, eliminating security gaps caused by siloed approaches to SASE. Whether a company’s assets are cloud first, on-prem, or hybrid, Coro can protect the user, the device they use, the network they connect through, their emails, and the data they access, use and share, all while ensuring compliance with critical supply chain and industry regulations.

“Since its founding, Coro has focused on delivering a comprehensive, yet affordable and easy to use cybersecurity solution for mid-market companies,” said Guy Moskowitz, CEO, Coro. “By integrating Privatise’s SASE capabilities into our platform, we offer the industry’s first mid-market solution to deliver cloud-native, seamless and secure access to applications and resources regardless of location or device. We will continue to invest in Coro’s platform, both organically and through acquisition, to help companies strengthen their security posture and improve their operational efficiency.”

The Privatise acquisition is the latest milestone in Coro’s growth and momentum. In April, the company announced a $75M funding round from Energy Impact Partners, bringing the total funding raised in the last 12 months to $155M. Coro projects it will grow 300% year-over-year in 2023, extending its extraordinary 300% annual growth record to a 5th year in a row. The Company’s modern approach to cybersecurity – delivering enterprise grade security through a single platform that unifies, simplifies and automates workloads -- has been validated by more than 5000 mid-market customers across every vertical industry. Over the past year, Coro tripled its revenue, customer and employee base, and signed more than 100 new channel partners.

About Coro

Coro provides modern cybersecurity that unifies comprehensive protection into a single platform. Coro empowers organizations to defend against malware, ransomware, phishing, data leakage, insider threats and email threats across devices, users, and cloud applications. More than 5,000 businesses depend on Coro for protection, unrivaled ease of use, and unmatched affordability. Coro’s cybersecurity platform automatically detects and remediates the many security threats that today's distributed businesses face, without IT teams having to worry, investigate, or fix issues themselves. In addition to Energy Impact Partners, investors in Coro include Balderton Capital, JVP, and Ashton Kutcher’s Sound Ventures.


Platform Security, Software Security, Cloud Security

Legit Security Announces Integration with CrowdStrike to Bring Application Security Posture Management to Customers

PR Newswire | August 02, 2023

Legit Security, a cyber security company with an enterprise Application Security Posture Management platform that secures application delivery and protects an organization's software supply chain from attack, today announced a partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity and data protection. With this partnership, Legit Security integrates with the CrowdStrike Falcon® platform to provide extended application security, auto-discovery, and vulnerability management. Leveraging the two solutions, customers can automatically trace cloud application vulnerabilities back to their code origin and more rapidly prioritize and remediate security issues leveraging deep application context.

With the need for frequent software releases, DevOps and modern CI/CD pipelines have left security teams struggling to secure their cloud applications in the face of increasing threats. Within these constantly changing development environments, legacy security approaches fall short with high levels of noise and alerts, making it difficult to quickly prioritize cloud application vulnerabilities and identify the root cause. Compounding the challenge, organizations lack real-time application security posture management across their CI/CD pipelines and pre-production development environments as software supply chain attacks continue to grow dramatically.

With Legit Security's integration with the CrowdStrike Falcon® platform, security teams can quickly see where vulnerabilities discovered in production applications originated, and where vulnerabilities discovered in code get deployed. Legit Security ingests security data across cloud workloads from the CrowdStrike Falcon platform to identify and trace the source of vulnerabilities and accelerate triage and prioritization of issues based on context and severity.

"Cloud application security is a top priority, however enterprises need to balance security with an ability to improve productivity and do more with less," said Roni Fuchs, CEO and co-founder, Legit Security. "Instantly tracing cloud application security vulnerabilities back to their source with full context regarding the application, its software supply chain, and code origination can dramatically improve remediation time and productivity for both security and development teams. Now listed in the CrowdStrike Store, Legit Security's offering allows customers to easily find information on our integration to ultimately gain dramatic improvements in risk scoring, security issue classification and prioritization, and get the most out of their valuable security resources."

About Legit Security

Legit Security provides an application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.
