Unified threat monitoring

More than a SIEM

Rapid deployment

Instant discovery of risks


Real-time everything

Security operations centre

White Label


Vulnerability management

External and internal vulnerability scanning and reporting are included. It will show easily exploitable corporate assets.

Summary of all events

Dashboards can be edited on the fly using a simple interface. Change the metrics to what is important to you, with no limits.

Security Operations Centre in a box

All systems, networks and devices report to a single dashboard for maximum visibility and correlation. All data is filtered through included threat intelligence feeds and other fancy tools.

Any source feed, log or data in minutes.

Monitor your IDS, firewall, Windows audit logs, SQL data, reverse proxies, mail systems, phone systems, mobile devices, endpoints… We support them all.

Auto classify security incidents

Using the same sensor tools as the world's largest enterprises, we save time by automatically classifying incidents.

Show me corporate systems exchanging data with known cybercriminals

Detect if any events are to/from malicious sites using built-in threat intel, then check again with real-time authoritative online lookup.

Which countries is my network communicating with and why

All sources and destinations can be enriched with geolocation data, answering questions such as: “Why is 30% of entire corporate traffic going to East Asia?”

Firewall monitoring

See attempts to compromise and measure the effectiveness of your threat intelligence. See how many packets were dropped due to policy and how many due to threat intel. THE most intuitive firewall console.

Host integrity monitoring

Log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, active responses... If you do not have these tools, they are included at no cost. The HIDS service helps meet compliance requirements such as PCI, and includes file integrity monitoring.

Full capture of payload

Complete forensic information, including payload, headers and application info, is recorded and stored.

Interactive timeline of events

Time series data events can be stored for years for forensic analysis or investigations. Dynamic visualizations will effortlessly identify potential anomalies.

ThreatDefence Support

Expand the capacity of your security and ops team at a fraction of the cost. The ThreatDefence team will provide access to experts who can deploy, configure, fine-tune and customise the solution to your needs. Save time and resources by having our engineers deploy, analyse, curate, manage and review your network to ensure it is fine-tuned and effective.

Some of the services included:

  • Complete deployment of the solution;
  • Analysis and implementation of new features;
  • Integration of new source feeds into the SIEM;
  • Technology consulting and advisory.


Our goal is not to sell you software, but to reduce cyber risk exposure. This is how we help:


Automated Threat Detection

Plug & play appliance

Toolset to identify risk

No projects or installations

TD provides support

Managed Threat Detection

Cyber threat hunting

Regular reviews

Ongoing assurance

Inherit experience

Threat Remediation

Lead or assist

See results in real time

Work with your IT

Decades of experience

Cyber security readiness

Within the first 2 minutes after powering on the appliance, ThreatDefence detected that 4x of our internet-exposed servers have been compromised by overseas hackers. Established SSH network sessions from overseas simply popped up on our screen. The effortless detection of the unknown threats was impressive.

Michael C

IT infrastructure manager, SFA

Effective decision making is driven by the strength of the information available. Out-of-the-box connectors and dashboards allowed us to move from implementation to action in minutes. Combining TD’s capability with their proactive management service and regular posture reviews places us in a strong position of readiness.

Ross Forgione

CIO, Johnson Winter & Slattery Lawyers

Having the ThreatDefence solution report in real time and in such a high level of detail allows us to detect new types of threats and respond in the shortest possible timeframe. Today we are more secure, more responsive and able to minimize even the most complex threats thanks to the ThreatDefence team and their solutions.

Luke Shaw


Our Finds

Compromised regional office

Transmitting plain text credentials

Secret chatter from new appliance

Business partner sending malicious emails

Running torrent on business computer

Former business partner hires hacker

Employee logging in from different countries

Firewall audits from the wire