of the Cloud to Work for You
Sherlock automatically deploys a stack of security tools and controls in the cloud. It connects to all your environments and seamlessly ingests all your security and performance data.
Sherlock fully virtualizes your SOC in the cloud. Setup takes hours, not weeks. We relieve the burden on you and your team.
Sherlock never commingles your data. Your data always remains under your control. This reduces risk and simplifies compliance with standards like GDPR, PCI, HIPAA, and ISO.
Sherlock constantly hunts for attackers. The Sherlock team scours your data for indicators of compromise (IoC) using the latest automation, machine learning, real-time threat intelligence, and 20 years of security expertise.
There are no appliances to set up, no traffic to reroute, no hardware to maintain. Your Sherlock virtual SOC is delivered as a library of custom code for rapid, repeatable deployment in the cloud.
If there is an attack, the Sherlock team springs to action: we investigate, track, block, quarantine, and prevent the breach. Our USA-based team is on the job every day, all day, all the time.
Cloud-native, fully managed SIEM with integrated threat intelligence and threat hunting powered by machine intelligence.
Automated, continuous scanning of systems, applications, and networks for suspicious activity and vulnerabilities.
Decoy systems deployed inside your cloud and on-premises environments to detect malicious activity in real time.
Compliant by Design
Sherlock uses the best public and private threat intelligence data, optimized and customized for your specific business risks.
Sherlock can seamlessly integrate into DevOps teams for a CI/CD pipeline that is secure, by default and by design.
Sherlock is automatically deployed on the AWS cloud and connects to all your environments.
The Sherlock SIEM ingests all your security, application, network, and user behavior data. Machine learning and automated threat hunting scour this data for evidence of compromise.
Security controls deployed throughout your cloud and on-site environments forward information to our integrated dashboard, where we conduct investigations.
Sherlock SOC Analysts investigate and respond to threats, handling incidents for you and notifying you of any actions taken.
Sherlock includes a stack of cloud-native controls:
- Sherlock SIEM: Data analytics platform with integrated hunting.
- Sherlock Threat Scan: Automated system and network scanner.
- Sherlock Decoy: Deceptions to spot hackers pivoting in the environment.
- Sherlock Endpoint: Anti-malware, file integrity monitoring, system integrity monitoring and more.
We also support many third-party technologies:
- NGFW: Palo Alto, Fortinet, Cisco
- SIEM: Splunk
- Endpoint: Trend Micro
- Vulnerability Management: SAINT, Tenable
- Web Gateway: Trend Micro
- DLP: ForcePoint
- IDS/IPS: Fortinet, Palo Alto, Cisco
- Sandbox: FortiSandbox
- DNS: OpenDNS
- WAF: AWS WAF, FortiWAF