Sherlock Subscription Benefits

Full Stack Security for One Monthly Price

Full Stack

Sherlock includes everything for the complete security of your business: people, process, and technology.

Automation

Sherlock makes code do all the hard work of detecting, identifying, and responding to attackers.

Control

Sherlock keeps you in control of your data, your security, and your compliance.

Scale

Like the cloud, Sherlock is infinitely scalable. Every component grows and moves with you.

Sherlock Subscription Packages

Cloud-based Security Options for Everyone

Monitor

Sherlock Managed SIEM

Sherlock Cloud SOC

Sherlock Decoy

Sherlock Threat Scan

Endpoint Protection

WAF

NGFW (onsite or cloud)

Hunt

Sherlock Managed SIEM

Sherlock Cloud SOC

Sherlock Decoy

Sherlock Threat Scan

Endpoint Protection

WAF

NGFW (onsite or cloud)

Protect

Sherlock Managed SIEM

Sherlock Cloud SOC

Sherlock Decoy

Sherlock Threat Scan

Endpoint Protection

WAF

NGFW (onsite or cloud)

Protect+

Sherlock Managed SIEM

Sherlock Cloud SOC

Sherlock Decoy

Sherlock Threat Scan

Endpoint Protection

WAF

NGFW (onsite or cloud)

Subscription Package Details

Sherlock Managed SIEM

The central component of Sherlock is our cloud-native Security Information and Event Management product. It is purpose-built and optimized to use the scale and power of the cloud.

The Sherlock SIEM will:

  • Auto-deploy and auto-scale
  • Ingest data from all your security sources: NGFW, endpoint, netflows, cloud logs, servers, DNS, and more
  • Take data from cloud or on-site sources
  • Use log data, not outdated packet capture, to sit lightly on your network while maintaining visibility
  • Mine all your data for indicators of compromise, suspicious activity, and unusual user account behavior
  • Catalog and categorize threat data
  • Alert SOC staff if there is evidence of an attack
  • Provide dashboards and reports
  • Store and archive data automatically
  • Ensure compliance with standards such as PCI, HIPAA, ISO 27001, and GDPR
  • Never stop ingesting data because you met a data cap
  • Never commingle your data

Sherlock Cloud SOC

The Sherlock Cloud SOC is our premier protection service. The Sherlock SOC will:

  • Provide 24x7x365 coverage from USA-based staff
  • Automate detection and response wherever possible
  • Conduct manual hunts for emerging threats or suspicious activity (on Protect and Protect+ subscription levels)
  • Deliver actionable security intelligence through the Sherlock Vision Portal
  • Integrate directly into your DevOps CI/CD pipeline
  • Integrate with your change management practices
  • Integrate with your reporting or alerting mechanisms
  • Use intelligence and creativity to design new ways to protect your data
  • Customize your reports and dashboards to meet your unique needs
  • Collaborate with your IT and security teams to stop attacks and remediate vulnerabilities
  • Spring to action if an attack is occurring
  • Collaborate with law enforcement or your legal counsel when necessary
  • Engage compliance experts from Anitian, when needed
  • Never commingle your data
  • Always keep you in control

Sherlock Decoy

Decoys, also known as ‘deceptions’ or ‘honeypots,’ are an advanced cybersecurity technique that involves generating decoy users, servers, or network traffic to entice attackers. When an attacker scans or attempts to access the system, the deception technology profiles their activities and reports back to the Sherlock SOC.

Your Sherlock Decoy deployment includes:

  • Automated deployment in the cloud or on-premise
  • Customization to appear as legitimate systems in your environment
  • Customized analytics based on your risk profile
  • Real-time automated analytics
  • Regular updates to identify emerging threats

Sherlock Threat Scan

Sherlock Threat Scan will:

  • Automatically deploy and configure to scan your environment
  • Conduct regular and continuous vulnerability scans of everything, in the cloud or on-site
  • Report all its data to the SIEM
  • Be optimized to the systems and applications in your environment
  • Automatically update with the latest vulnerability definitions 
  • Conduct custom scans based on the latest threat intelligence
  • Conduct custom scans based on our internal intelligence from Anitian’s Ring.Zero penetration testing team
  • Auto-scale to meet your needs
  • Never commingle your data
  • Never stop scanning because you hit an IP cap (it auto-sizes)

Endpoint Protection

Sherlock Endpoint provides continuous monitoring and protection of all cloud and on-premise systems. Powered by Trend Micro, Sherlock Endpoint offers complete security.

Sherlock Endpoint will:

  • Auto-deploy to all your servers or workstations, either on-site or cloud
  • Provide comprehensive endpoint security:
    • Anti-malware
    • Endpoint firewall
    • File integrity monitoring
    • System integrity monitoring
    • Advanced system behavior analytics
    • Intrusion detection (IDS/IPS)
    • Malicious code quarantine
  • Integrate directly into your DevOps CI/CD pipeline
  • Send all data to the SIEM
  • Provide real-time protection
  • Update signatures and definitions in real time
  • Ensure compliance with standards such as PCI, HIPAA, ISO, SOC 2, and GDPR
  • Never commingle data with anybody else

WAF

A web application firewall (WAF) is an essential component of security operations for businesses with large amounts of data flowing through HTTP applications. Among other things, a WAF protects servers from XSS and SQL-injection attacks, and can be tuned as applications or attackers evolve.

The Sherlock WAF includes:

  • Automatic deployment, tuning, and monitoring
  • Real-time updates based on the latest threat intelligence
  • Auto-scaling
  • Automated response to application attacks
  • Reporting all data to the SIEM
  • Ensuring compliance with standards such as PCI, HIPAA, and ISO 27001
  • Customized reports and dashboards on the Sherlock SIEM

NGFW

For deep inspection and filtering of the traffic flowing through a network, a next generation firewall (NGFW) has been an important piece of a functional security setup. While the dominance of NGFWs is on the decline as those controls move increasingly to the cloud, they are still essential for many hybrid and onsite environments. The Sherlock team can deploy and tune NGFWs, both as code in the cloud and as physical devices, if needed.

Your Sherlock NGFW includes:

  • On-site appliances for hybrid cloud environments
  • Real-time updates and monitoring
  • Automated responses, customized to your environment
  • 24x7x365 support and monitoring from the Sherlock SOC
  • Emergency changes or updates provided
  • All events forwarded to the Sherlock SIEM
  • Full NGFW feature set including:
    • Firewall
    • Application control
    • Web filtering
    • IDS/IPS
    • Gateway anti-malware
    • VPN / Remote Access
  • All tuning, monitoring, updating, and support included
  • Diverse vendor support: Fortinet, Palo Alto, Cisco
  • Customized reporting and dashboards
  • Ensure compliance with standards such as PCI, HIPAA, SOC 2, ISO 27001, and GDPR
  • Co-management and monitoring-only subscriptions available

Add On Components

You can enhance your Sherlock subscription with monitoring and management of any of these other security controls:

  • Data loss prevention (DLP)
  • Network IDS/IPS (on-premise)
  • Secure web gateway (SWG)
  • Network anomaly detection

These add-ons all include:

  • 24x7x365 monitoring, management, and support
  • Customized reports and dashboards
  • All data forwarded to the SIEM
  • Automated responses wherever possible
  • Real-time updates

Get Help From Mom

Add Expert Professional Services from Sherlock’s Parent:

Anitian services can be added to your subscription at any time.

Anitian is a Qualified Security Assessor for PCI compliance.

RiskNow® Rapid Risk Assessment

VisionPath Compliance Services

Ring.Zero Security Testing

vCISO Leadership as a Service

Intrigued?

New Content from Sherlock

eBook

The Case for Security in the Cloud

Video

Security as Code

Brief

The Future SOC

Workbook

PCI in the AWS Cloud