threatDetector Early Access Sign Up

Noise Cancellation for your AWS Logs

Sign up for early access to thatDot's cutting edge AWS log analysis tool. Process CloudTrail logs in real time. Identify attack behaviors by both insiders and external attackers with unprecedented speed and accuracy.

And say goodbye to false alarms!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

threatDetector for AWS CloudTrail Logslearns what is normal.

Stolen Credential Use

Cut out the noise that comes with operating on public cloud infrastructure. threatDetector isolates and elevates the true outsider threats, reducing false positives by 10x and making analysts more productive.

Credential Misuse by Insiders

Spotting misuse by trusted insiders can be nearly impossible. Too many false positives cause analysts to ignore real ones. threatDetector alerts when insider behavior becomes a problem.

Configuration change alerts

Even an honest mistake can cost your business tens of thousands of dollars. Catch configuration changes that expose key data and shut down unused services before they impact you.

Brute force authentication attacks

Even when attacks aren't subtle, they can be tough to spot in a noisy environment. threatDetector generates actionable, contextually-rich alerts in real time.

Why threatDetector?

threatDetector for AWS CloudTrail logs is a graph AI technique that provides IT security analysts with real-time, priority-ranked threat alerts along with context-rich explanations of each alert to allow rapid and confident responses.

Stop wading through pages of false positives, each requiring extensive research in other systems. Only threatDetector for AWS CloudTrail provides alert prioritization, threat classification, and research context in one alert.

Getting Started is Easy

Setting threatDetector for AWS CloudTrail up to run on AWS is easy. After you sign up for Early Access, we'll send you a link to an AWS Marketplace image. Install threatDetector and follow these steps:

  • Start threatDetector in your account to automatically ingest CloudTrail log data from your S3 bucket via API.
  • By simply ingesting your logs, threatDetector automatically learns what is normal and what is novel in your environment.
  • When truly novel events are detected, alerts show up in the threatDetector console.

DARPA-developed, field-proven.

threatDetector is built using thatDot's proven Novelty Detector platform, which was developed as part of a DARPA-funded project to completely reimagine anomaly detection.

Novelty Detector uses categorical data to build a comprehensive behavioral fingerprint of your data. This deep contextual understanding eliminates false-positives and provides WHY an anomaly was identified, making it immediately actionable.

Existing anomaly detection techniques rely on numerical data and threshold analysis, which breaks down in the face of high data dimensionality and produces high volumes of false-positives.