Red Canary incident

Delayed Telemetry Processing for Multiple Telemetry Sources

Minor Resolved View vendor source →

Red Canary experienced a minor incident on February 9, 2025 affecting Detections and VMware Carbon Black Cloud and 1 more component, lasting 10h 15m. The incident has been resolved; the full update timeline is below.

Started
Feb 09, 2025, 04:42 AM UTC
Resolved
Feb 09, 2025, 02:58 PM UTC
Duration
10h 15m
Detected by Pingoru
Feb 09, 2025, 04:42 AM UTC

Affected components

DetectionsVMware Carbon Black CloudMicrosoft Office 365CrowdStrike FalconAmazon Web ServicesMicrosoftMicrosoft AzureSentinelOneTrend Micro Endpoint Detection and ResponseJamf Threat Defense

Update timeline

  1. investigating Feb 09, 2025, 04:42 AM UTC

    We have identified an issue that is causing delayed telemetry processing for Carbon Black Cloud EDR, Microsoft Defender for Endpoint, Microsoft Office365, SentinelOne, CrowdStrike, TrendMicro, AWS, Microsoft Azure, Jamf, and Linux EDR. This delay in telemetry may cause potential delays in detecting threats based on this telemetry. We are investigating the cause of this issue currently and will provide updates as we know more and are able to take action to address the issue.

  2. investigating Feb 09, 2025, 04:43 AM UTC

    We are continuing to investigate this issue.

  3. monitoring Feb 09, 2025, 05:40 AM UTC

    A fix has been implemented and we are monitoring the results.

  4. resolved Feb 09, 2025, 02:58 PM UTC

    This incident has been resolved.