Industry Profiles


Sherlock was designed specifically to meet the security and compliance needs of health care organizations.

First, Sherlock never commingles your data. Your data, and your patient’s data, never leaves your environment. Sherlock also can sign your BAA with no reservations. 

Next, we run our platform on the AWS cloud, both of which are compliant with HIPAA rules. 

Furthermore, every Sherlock subscription for a health care organization includes a HIPAA-specific risk assessment. We use the intelligence from that assessment to optimize your threat hunting. 

Finally, Sherlock also includes threat intelligence specifically designed for attacks on EMR platforms and exfiltration of PII. 

Sherlock is ideal for healthcare. Let’s chat.


Financial companies are under persistent attack. Criminal organizations are constantly developing new malware variants specifically for financial systems. Sherlock is built to defend your systems, and keep you compliant. 

First, Sherlock uses deceptions technologies and machine learning to mine your data for emerging threats. We augment this with user behavior analytics, to see if any users have unusual behavior. 

Next, we use the latest threat intelligence from public and private sources optimized for attacks on financial systems. 

Lastly, we host everything at AWS, which meets rigorous compliance requirements such as GLBA, ISO 27001, SOC, and PCI.  And of course, Sherlock never commingles your data, which means your data, and your customer’s data, remain under your control. 


Building a SaaS platform means agility. You must not only respond to support requests, customer demands, and emerging threats, but do all this while deploying new code…everyday. 

Sherlock is cloud-native and built for DevOps. Everything is code. Which means the security controls we provide seamlessly integrate into your CI/CD pipeline. When new instances are launched or new features enabled, Sherlock code automatically keeps everything secure. 

Moreover, Sherlock keeps all your data in your environment. We never commingle your data. 

Lastly, Sherlock uses cloud native tools and technologies. Our SIEM platform auto-scales to meet your growing demands. We can also relocate any aspect of the platform into any geography at a moments notice. Sherlock is full-stack security for a stack full of threats. 

Global Enterprise

The world’s leading companies are moving more and more of their IT resources onto large public clouds like AWS. Many global companies are now using a hybrid cloud model, with resources both in large public clouds like AWS and legacy on site systems as well. Sherlock is based in the AWS Cloud, but deals seamlessly with public, private, and hybrid clouds.

Regional regulations like GDPR and ISO-27001 can be expensive and difficult to deal with for companies with large international customer bases. Sherlock can auto-scale from a few hosts to a few thousand, in minutes. The platform can be geo-located, anywhere. And since we never commingle data, your data remains under your control.

Lastly, Sherlock can fuse directly into your existing security operations. You can offload detection and response, or the entire SOC.  All of this means you are free to focus on growing your business and making your customers happy.


Small and medium businesses are one of the most challenging areas of security. You have all the threats of the big companies, with a lot less resources. 

Moreover, as you already know, hiring and retaining quality security talent, especially cloud security people, is extremely difficult. 

Sherlock delivers enterprise-grade security, at SMB sized prices. Sherlock uses the power and scale of the cloud, to rapidly deploy security protections either on-premise or in the cloud. 

Also, Sherlock can augment your current IT staff, with full 24x7x365 coverage. 

Lastly, because Sherlock is all code, you can pay for only what you need, as you need it. Sherlock grows with you, seamlessly.


As a merchant, your most valuable resource is your customer data. A flood of mega-breaches in the last few years show the importance of proactive, professional managed security for all merchants.

PCI compliance is area where the Sherlock team has deep expertise. So much, in fact, that AWS requested we write their official workbook on PCI compliance in the AWS Cloud, which you can find right here. 

From secure machine images, to entire PCI environments, to painless compliance and audits, Sherlock and Anitian have the easy answer for anyone dealing with serious payment card requirements.

Sherlock can not only help you meet PCI compliance requirements, it can also get you ahead of the threat, and keep you there. 


New Content from Sherlock


The Case for Security in the Cloud


as Code


The Future


PCI in the
AWS Cloud