SEC.ONE Threat Hunting

SEC.ONE Threat Hunting application is a SaaS solution providing security visibility and threat hunting capabilities for small, medium and enterprise size companies.

It requires NetFlow and/or SYSLOG to be configured on edge devices such as firewall, router or WebProxy in order to be sent and analysed in our SaaS Cloud. Our solution tracks the traffic flows within company and raise alarms in case communication with public IP address with bad reputation is detected (typically associated with malware, phishing, spam or other threats).

Customer may use the application to review an alarm and verify our findings, add IP addresses to whitelists (will not pop-up as the alarm anymore) or blacklists (will always trigger the alarm). We also support changing alarms status such as Triage, Investigation, False Positive, etc.

If there is a critical issue found (something we call 'a needle in a haystack'), a customer can ask us for additional help with investigation. Dedicated and experienced Security Analyst will help to understand the impact and possible remediation.

No need to deploy any VMs, no containers, no collectors, no servers required. It's 100% SaaS service with onboarding taking 5 minutes. Monthly subscription, can cancel anytime. Demo and Freemium plan without any costs.