U.S. based 24×7 security operations including threat hunting, forensic investigations, and remediation recommendations.


The entire XDR platform is delivered, monitored and maintained as a service by our SOC team.

All alerts are handled by the SOC and customers are notified when anomalies are detected with recommended remediation instructions and what actions have already been taken by the SOC to isolate the issue.


Our Security Operation Center (SOC) is a virtual operation that is hosted in Amazon Web Services (AWS).

Access to systems hosted in our virtual SOC is tightly controlled and logged through both 2FA VPN access, ED25519 key exchanges, and hardware OTP keys. 

Our platform is designed for zero-trust, virtual SOC operations from anywhere in the world, allowing our analysts to work remotely at any time for any reason.

SOC Alerts

The Security Operations Center (SOC) receives aggregated alerts from our XDR platform installations that allows the SOC to monitor many different types of events.

The events come from these high level breakdowns:

  • Network Events
  • Cloud Events
  • Agent Events
  • Vulnerability Events
  • Integration Events