Identity-based attacks are surging, and security teams are struggling to keep up. Red Canary is pioneering a smarter approach that spots risky behavior earlier, helping you respond faster. This session will showcase how leveraging threat intelligence, user baselining, and GenAI can stop identity threats before impact.

A fun and engaging talk to discuss a few cyber threat intelligence topics on which Canaries have some hot-to-lukewarm takes. We will discuss our recent findings regarding surprising new adversary behaviors!

By focusing on detecting the early stages of the ransomware intrusion chain (the initial access, reconnaissance, and lateral movement) you can ensure ransomware attacks rarely result in exfiltration or encryption. We'll share specifics on where to focus your detection efforts in this session based on the data we've gleaned from analyzing over 93,000 real-world threats.

You may have noticed some unusual names in Red Canary’s reporting; when our Intelligence team encounters a cluster of activity that does not match any known threats we are tracking, we use a naming convention inspired by Red Canary’s own name: color + bird. We'll introduce you to some of the more persistent color bird threats we've been tracking over the years, with some birding advice on how to detect their behavior.

Security teams face an expanding attack surface, staffing shortages, and security controls that struggle to keep up. Red Canary is here to help. Learn how Red Canary’s intelligence-led approach to managed detection and response (MDR) helps you detect threats faster, respond and remediate quickly, and spend more of your time on business-specific and strategic work.

Red Canary detected more than 93,000 threats in 2024, noting a dramatic increase in adversaries targeting cloud and identity. For the seventh year in a row, the Threat Detection Report is our annual effort at making sense of those threats, the incidents we help our customers resolve, and the research we conduct to improve our products and our partners’ products. Join the report’s authors as they explore the most important findings of the year and discuss related research that will help you and your team better understand and prepare for the current threat landscape.

Learn how to use Atomic Red Team to test your security controls and exercise your incident response program. We’ll share use cases and test plans based on the most commonly encountered threats and adversary techniques, and discuss how to perform high-quality testing at scale using tools that integrate and enhance Atomic Red Team.

The evolving threat landscape has enough complexity, why add more with disparate systems and swivel chair procedures? With Managed XSIAM, security teams benefit from centralized functionality, Red Canary threat expertise, and comprehensive visibility across endpoints, network, SaaS applications, and more. Finally, security teams can focus on threats, and not noise. During this talk, you will learn how Managed XSIAM helps reduce false positives, uncover threats faster, and improve mission critical metrics like MTTD and MTTR.

Identity is the new perimeter, and attackers know it. Don't just react to threats—preempt them. Learn how Red Canary and Microsoft together empower you to proactively lock down identities and transform real-time signals into decisive threat response using advanced analytics and AI. See how we're reshaping identity security to keep you ahead of evolving attacks.