Red Canary (a Zscaler company)
MDR provider known for deep Microsoft Defender expertise and high-fidelity detection engineering, acquired by Zscaler in 2025.
Company | Managed Security Service Providers | Cloud
Pricing: Custom (contact sales)
Updated June 2026.
What is Red Canary (a Zscaler company)?
Red Canary delivers managed detection and response built on detection engineering rigor and broad telemetry ingestion (Microsoft Defender, CrowdStrike, SentinelOne, Palo Alto, Zscaler, AWS, Google Cloud, 200+ tools). It is widely regarded as a reference partner for organisations standardising on Microsoft Defender for Endpoint and Sentinel. Zscaler closed the $692M acquisition on August 1, 2025; Red Canary operates as a separate business unit within Zscaler.
Best for: Microsoft-centric organisations wanting Defender / Sentinel telemetry analysed by a high-fidelity detection-engineering team
Pros
- ✓ Reputation as one of the strongest MDR partners for Microsoft-centric security stacks
- ✓ Industry-recognised detection engineering and public threat research (annual Threat Detection Report)
- ✓ Vendor-broad integrations — does not require ripping out incumbent EDR
- ✓ Strong public research output keeps customer detections current
Cons
- ✗ Future roadmap will be shaped by Zscaler's strategy; long-term independence uncertain
- ✗ Premium positioning; not the cheapest option in mid-market deals
- ✗ Limited public pricing
Key Features
→ MDR across endpoint, identity, cloud, SaaS, and network
→ MDR for Microsoft (Defender for Endpoint, Defender for Cloud, Sentinel, Entra ID)
→ 24/7 SOC monitoring and triage
→ Threat hunting and intelligence research
→ Security automation and customisable response playbooks
→ Managed phishing investigation and response
→ Security data lake / long-term telemetry retention
→ Detection engineering as a service
Quick Info
| Pricing | Custom (contact sales) |
| Model | Subscription per managed surface |
| Founded | 2013 |
| Cloud | Yes |
| Self-Hosted | No |
Last updated: Jun 2, 2026
Red Canary (a Zscaler company) Alternatives
- Arctic Wolf: Managed security operations platform with concierge-delivere...
- Critical Start: MDR provider built around its Trusted Behavior Registry and ...
- eSentire: Canadian MDR pioneer delivering 24/7 SOC services on the Atl...
- Expel: Vendor-neutral MDR founded by former Mandiant leaders, known...
- Secureworks (a Sophos company): Long-established MDR and XDR provider built around the Taegi...
Certifications
SOC 2 Type II