1. Scoping
SIEM platform, priority use cases, and access requirements
We improve what your SIEM catches and help your team hunt proactively. You receive deployable rules, tuning guidance, structured hunting playbooks, and queries your analysts can run and repeat.
Sigma
Rule format
MITRE
ATT&CK mapped
Playbooks
Hunt guides
Tuned
Your SIEM
Deliverables
Every engagement ends with concrete artifacts your team can use. Not slides. Browse sample outputs below.
Platform-ready rules with MITRE tags. Tuned for your SIEM, not generic templates.
Example Sigma rule
title: Suspicious PowerShell tags: attack.t1059.001
Live alert feed
Practical
Who it's for, how we work together, and where we draw the line.
SIEM platform, priority use cases, and access requirements
Engagement package
Fixed outputs and scope, agreed before we start. No surprises afterward.
Detection rules package for your SIEM platform
Detailed examples are shown in the deliverables section above.
Starting from €5,500 excl. VATPricing guidance