The new
SecOps Platform.

All your SecOps alerts, correlations, aggregations, vulnerability data & threat intelligence, all in one single platform.


Alert. Correlate. Analyse. Done exceptionally.

Built out of the need for an open, centralised platform for SOCs to house and triage security incidents and alerts, what emerged was not only the best front-line experiences, but also one of the most productive.


Alerting. Brought absolutely next-level.

Centrally view, manage, schedule & update all your SIEM alerts – across multiple SIEMs – across different vendors – and even across multiple clients, all without having to login to a single one.


Easily manage automatic git-based deployments out to every SIEM.

Automatic Validation

Each alert is tested to work effectively in the SIEM prior to deployment.


Monitor the performance of each alert as they run against your SIEMs.

Community Intelligence

Leverage the thousands of existing contributions from the detection community.


Ensure alert coverage by permitting each alerter process to scale horizontally.


See at a glance which of your alerts are running the slowest. Extend the timespan of any alert in a single click.


Eliminate all reoccurring false positives by easily setting filters and filter groups across multiple rules.


Giving you the
complete picture.

See a full timeline of what happened – across any hostuser, or any other indicator – to provide the full picture of an ongoing security incident, even across multiple incoming logsources.


All the information.
Everywhere it's needed.

Using all the tooling you already use, each alert is enriched using services like VirusTotal, WhoIS, Even see Geo IP Lookups, Process Trees and more – right in the alert screen.


All your alerts.
Already combined.

Never again deal with hundreds of duplicate alerts. See all security events aggregated automatically into a single alert as they are ingested. Other security events that may not have triggered an individual alert can now also be ingested & presented.


Bring all your
existing stack.

Out-of-the-box support for a wide range of SIEMs & Logging Platforms, Threat Intelligence Platforms, Vulnerability Management Solutions, and Communications & Escallation chains.

Committed to Open-Source. Always.
Coming Soon