Sold by: Red Canary
Deployed on AWS
Vendor Insights
Red Canary detects and stops threats 24x7 across your endpoints, network, cloud, identities and SaaS applications.
4.7
Overview
Red Canary gives customers the confidence they need with unmatched, actionable intelligence and 24x7 expert response to stay ahead of adversarial threats. With customer-validated 99% threat detection accuracy, security teams can focus on the threats that matter instead of wasting time on noise. With a combination of actionable threat profiles, intel-driven analytics, and specific response and remediation recommendations, your team can make better decisions and prioritize resources according to the most relevant threats to your organization. Features:
- 24/7/365 expert investigation of potential threats
- Advanced threat detection
- Global threat intelligence team
- Continuous threat hunting
- Proactive response and remediation
Highlights
- Unmatched threat detection accuracy, Red Canary helps protect your endpoints, network, cloud, identity and SaaS applciations.
- Actionable threat intelligence with on-demand adversary insights and expert collaboration so you can stay ahead of threats.
- Guided, automated or human-led 24/7 expert response so you can focus on your business objectives instead of the next cybersecurity event.
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
ISO27001
AWS Security Specialization
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months | Overage cost |
|---|---|---|---|
Endpoint | Computer or instance running Windows, MacOS, or Linux | $120.00 | |
Account | User account | $100.00 | |
Resource | Cloud resource | $250.00 | |
Network | Network coverage | $20.00 |
Vendor refund policy
No refunds
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Red Canary
By Arctic Wolf
By Deepwatch
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Threat Detection Accuracy
99% threat detection accuracy across endpoints, network, cloud, identities and SaaS applications
Continuous Threat Hunting
Continuous threat hunting capabilities with proactive identification and analysis of potential threats
Threat Intelligence Integration
Intel-driven analytics powered by global threat intelligence team with actionable threat profiles and adversary insights
Automated Response and Remediation
Guided, automated, and human-led response capabilities with specific remediation recommendations
24/7 Expert Investigation
Round-the-clock expert investigation and response services for potential threats across all security domains
Continuous Threat Monitoring
24x7 monitoring of networks, endpoints, and cloud environments for threat and risk detection
Incident Detection and Response
Managed investigations and guided response capabilities to detect and respond to critical security incidents within minutes
Multi-Environment Coverage
Monitoring across networks, endpoints, and cloud environments for comprehensive security visibility
Security Operations Platform
Arctic Wolf Platform providing the foundation for threat detection and response capabilities
Managed Security Team
Named security experts with cloud expertise providing security advisory and operational support
Alert Prioritization Engine
Patented Dynamic Risk Scoring alert engine for precise threat identification and response prioritization
Security Monitoring Coverage
24x7x365 monitoring and threat response across AWS environments, Splunk, and foundational SOC tools
Managed Security Services
Comprehensive offerings including Managed Detection & Response (MDR), Managed Endpoint Detection & Response (MEDR), Managed Vulnerability Management (VM), and Managed Firewall (FW)
Security Posture Assessment
Proprietary Security Index with quantitative analysis and industry benchmarking for SecOps program maturity evaluation
Threat Hunting Capabilities
Proactive threat hunting and precision response to threats across the attack surface
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
John Hoffoss
Gained trusted 24/7 threat coverage and now focus security efforts on architecture and design
Reviewed on Mar 25, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Red Canary is to ensure I can sleep at night by getting 24/7 coverage by a capable team to investigate any alerts for the systems that we have in place to ensure we don't have any security or suspicious activity.
I can give you a specific example of a situation where Red Canary helped me out and made a difference: we've had more than a few instances where a user clicked on a phishing link, invoking connections to hostile sites. Through alerts in Defender, the Red Canary team identified, confirmed, and investigated the threat before they reset the user's credentials and contacted us to work with the user to resolve the situation.
I have at least one other instance where Red Canary investigated an alert and continued doing additional investigations of logging and activity from that user and their systems around that proximity to confirm that there was no further suspicious activity.
What is most valuable?
In my experience, the best features Red Canary offers are their team, their monitoring team, their expertise at incident investigation, and a focus on suspicious or actual indicators of compromise to ensure that we're not spending time just reviewing logs, but that we're actually looking at things that may indicate we have broader issues.
The Red Canary team's expertise stands out compared to others I've worked with because their team is organized into smaller pods that support a given number of clients, so they're not just a bevy of operators going around the clock. The teams themselves have coordination and cohesion, and they get to know us. Their integrations into the different platforms and systems that we use all line up with our needs, whereas a number of other platforms offered a different variety of integrations that did not line up with our requirements.
Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization. With the freed-up resources, we've been able to implement CSPM, SAST , software testing tooling, and engage much more closely with our developers and engineers to focus on secure architecture and design.
What needs improvement?
Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including the types of data they're looking at and the types of systems that they're integrating with.
For how long have I used the solution?
I have been using Red Canary for three and a half years.
What do I think about the stability of the solution?
Red Canary is stable.
What do I think about the scalability of the solution?
Red Canary's scalability has been a non-issue for us; we've been able to connect and throw all of the data that we have access to over to their systems to parse, process, and monitor without issue. There have been no issues or challenges in scaling, so I have not noticed any pain points when trying to scale up.
How are customer service and support?
Their customer support is excellent, with monthly calls with our CSA, who takes care of us.
Which solution did I use previously and why did I switch?
I previously used a different solution called Blue something, but I cannot recall the exact name. I decided to switch from that solution to Red Canary because they were a managed SOC provider and they were not good; they were very cheap, with very poor service.
How was the initial setup?
My experience with pricing, setup cost, and licensing is that everything went very smooth. Pricing was straightforward, and we were done with setup during our POC, not having any additional work or rework that we had to do when we moved to production.
What was our ROI?
I think that we have probably spent maybe 15% of the time that we were spending on incident investigation and system monitoring, demonstrating a return on investment.
Which other solutions did I evaluate?
Before choosing Red Canary, I evaluated other options, specifically Expel and Cydrus.
What other advice do I have?
My advice for others looking into using Red Canary is that as long as your system integrations line up with their support, I think you'll be happy.
Insurance
Exceptional Partner, But Detection Gaps During Pen Tests
Reviewed on Oct 31, 2025
Review provided by G2
What do you like best about the product?
The IR team and detection engineers here are truly outstanding, and it's always a pleasure to collaborate with them. The implementation of Red Canary was very easy and their onboarding team was great to work with.
What do you dislike about the product?
Over the past few years, we've undergone several external penetration tests, and during these assessments, Red Canary was not able to identify the malicious activity while the tests were ongoing.
Also, they do not have any sort of alert ingestion integrations with Splunk or other SIEM platforms, and we needed to rely on custom API scripts to ingest alerts into our SIEM.
Also, they do not have any sort of alert ingestion integrations with Splunk or other SIEM platforms, and we needed to rely on custom API scripts to ingest alerts into our SIEM.
What problems is the product solving and how is that benefiting you?
Red Canary serves as our 24/7 SOC analyst, monitoring our systems during off hours. In addition, Red Canary acts as an extra layer of oversight, working alongside our internal SOC team to enhance our security monitoring.
Higher Education
Red Canary Gives Peace of Mind and Streamlines Incident Response
Reviewed on Oct 31, 2025
Review provided by G2
What do you like best about the product?
I sleep better at night knowing the Red Canary team has our back. Before Red Canary, I would need to interrupt my day to perform investigations on alerts that came into my mailbox, that included after hours alerts that would take me away from my family and friends for hours at a time. With Red Canary, they now take that off my plate and I trust fully in their investigations, analytics, and alert categorization. The configuration of playbooks and integrations into our platforms, allows automation of activity that I would have had to do manually through several different platforms and innumerous clicks. Red Canary has simplified and made more efficient response times in addressing incidents, even in some cases, retroactively analyzing telemetry that was initially not viewed as a threat, but found later to be something to worry about. The platform is easy to navigate, the implementation team was knowledgeable, I'm in the dashboard every day to see what's new on their feed and to see how they've protected our environment. On the rare occasion I need to reach out to support, they are responsive, professional, and knowledgeable to find me a solution. I am whole heartedly thankful that we invested in Red Canary!
What do you dislike about the product?
It's hard for me to find a dislike about Red Canary, I've used the service for about 12 months and any negatives I've encountered in their service is addressed by my account team or customer support.
What problems is the product solving and how is that benefiting you?
We are required to have 24/7 monitoring, which is difficult for a small staff that likes to sleep at night and spend time with their family after hours. Red Canary has helped us address threats after hours, have alerted us on potential threats that we should be concerned about, and keeps us up to date on the latest threats that could impact our environment.
Manufacturing
Quick, Easy, and Supported by an Excellent Team
Reviewed on Oct 28, 2025
Review provided by G2
What do you like best about the product?
Red Canary is quick and easy to work with. They have excellent people working for them that greatly assist with triage of alerts.
What do you dislike about the product?
Identity threats can throw a lot of alerts that Red Canary folks can't act on.
What problems is the product solving and how is that benefiting you?
Red Canary is helping to scrub through all of our alerts to help identify security threats.
Nyír V.
Innovative Platform with a Fantastic Team
Reviewed on Oct 28, 2025
Review provided by G2
What do you like best about the product?
Great team, platform, and innovations; I love how they are developing new features, integrations, and listen to client feedback.
What do you dislike about the product?
Nothing comes to mind; entirely possible that the few tiny things that would help me with yearly or quarterly administrative tasks (licensing true-up) are in place and I just need to go look myself.
What problems is the product solving and how is that benefiting you?
Very nearly a desired single pane of glass for our security stack, which is hugely beneficial to a small and elastic security team.