redcanaryco / public-research

Public repository for Red Canary Research

Public Research

Welcome to Red Canary's public research repository!

Table of Contents

ATT&CK Technique Prevalence

Red Canary publishes an annual Threat Detection Report, an in-depth look at the most prevalent ATT&CK® techniques, designed to help you and your team focus on what matters most.

This machine-readable data illustrates how often each ATT&CK technique is leveraged in a confirmed threat in our customers' environments.

Heaven's Gate for Linux

Heaven’s Gate was originally published as an attacker technique for Windows. This technique allowed malicious software to evade endpoint security products by invoking 64-bit code in 32-bit processes, effectively bypassing user-mode hooks. This technique has since been mitigated in Windows 10+ through Control Flow Guard (CFG).

Red Canary has been successful in reproducing a variation of this technique for Linux.

License: MIT License


Languages

C 62.1%, Assembly 23.6%, Makefile 14.2%