Feature
Basic€439 / mo
Pro€899 / mo
Enterprise€1.399 / mo
1-click bulk update of alert rules?Update, enable or disable the alert rules you choose with one single click.
Alert Rule Calibration and Recommendations?Ongoing, automatic recommendations based on a value matrix for your environment on which alert rules to enable and disable.
120 alert rules
Log Source Calibration and Recommendations?Ongoing, automatic recommendations based on a value matrix for your environment on which log sources to enable and disable.
20 log sources
Configuration Recommendations?Ongoing, automatic recommendations based on a value matrix for your environment on which basic configurations to enable and disable.
Top 5
SKU Level Optimization?Monitoring of SKU levels with recommendation to change levels if consumption level can provide savings.
—
—
Cost transparency for Log Sources?Overview of what your log sources actually cost on a detailed table level.
Top 5
Top 5
Customizable Value Settings?Overwrite the recommended value (i.e. cost and gain) from Seculyze for your custom value level.
—
Log changes in alert rules and log sources?Alert rules and log sources changes are kept in a log with change type, comment, date and name.
—
Automated Rule Deployment?Enable that Microsoft alert rules are updated automatically when new KQL code is released.
—
Automatically follow all recommendations?Enable so all recommendations on alert rules, log sources and configurations are followed.
—
—
Microsoft Alert Rule Integration?Microsoft alert rules templates are integrated and shown directly on the interface.
Third-party Alert Rule Integration?Integrate 3rd party alert rules in the Seculyze portal. They are shown in the log source value analysis, but does not have a value analysis.
Classification ML algorithm?Classifies alerts into false positives, true positives and undetermined.
—
Customizable Automation Settings?Change settings for your own automatic ML tuning rules, e.g. custom tags in Sentinel.
—
1-Click Close False Positives?Close all false positives with a single click.
—
Auto-handle False Positives?Create automatic tuning rules based on analytical data for each alert rule.
—
—
Identification of True Positives?The ML algorithm also indicates which alerts are true positives.
—
Threat Intelligence on Security Alerts?A number of open and closed source threat intelligence sources is used to enrich the alerts.
Continuous alert enrichment?A number of OSINT (Open-Source Threat Intelligence) sources, e.g. WHOIS, is used to enrich the alerts to increase analysis speed.
Risk-based priority (low / medium / high)?Based on a unique algorithm, OSINT and Threat Intelligence are combined to provide a low, medium and high risk rating of security alerts.
View and Explore your Enriched Alerts?Get an easy overview of enriched alerts with observations and, based on that, easy to follow actions.
Custom Tags on your Sentinel incidents?Tag incidents with threat intelligence in your Sentinel instance.
—
—
Agent SOC / Triaging?Automatic triaging of alerts as well as recommended actions.
—
—
Easy-to-use Data Collection Rule tool?Provides an easy overview of Data Collection Rules (DCR), both potential savings and current implemented.
—
—
Vertical log ingestion removal?Remove ingestion cost in table columns and fields that do not provide value.
—
—
Horizontal ingestion removal?Remove cost in log entries that either do not provide value or are duplicate.
—
—
Summary rules & low-cost storage move?Aggregate large sets of data to provide cost savings on verbose logs.
—
—
Remove duplicate events?Clean up log sources, so duplicate events in the same log source are not present multiple times.
—
—
Remove log source overhead?Remove overhead from select log sources, e.g. comments in logs.
—
—
Monitor log source ingestion?Monitor the ingestion level and that logs are actually ingested.
—
Alert management on log ingestion?Get an alert if logs are over-ingesting or are not ingested at all.
—
Spike management of individual costs?Monitor ingestion and set capacity and ingestion thresholds to ensure spending does not run out of hand.
—
Two-way Data Sync?Data is synchronized between Microsoft Security portfolio and Seculyze.
Online Support?Support is provided through our chat app in the application.
Easy installation?The Seculyze application is created through infrastructure-as-code, so once you have provided the required Azure secrets, installation is run as code.
In-App Onboarding & How-To Guides?Access to how-to-guides, knowledge articles, and private tours of the application with in-app onboarding.
Multiple User Privilege Levels?Add users with different levels of privileges, e.g. admin, user and read-only users.
—
Customizable URL?Get your own custom URL of at least 4 letters, i.e. xxxx.seculyze.com.
Auto-Generate Documentation?Easy and fast incident reporting, including NIS2 compliant, based on multiple inputs done with AI and masking of data.
—
—
Monthly reporting?Easy monthly reporting with management summary, threat intelligence, alert statistics, etc.
—
—
Your Own Managed Key to encrypt data?Alert data transferred to Seculyze is encrypted via keys that are in the Seculyze tenant and managed by the Customer.
—
—
ITSM Integration?ITSM Integration to Jira, Autotask, ServiceNow, etc.
—
—
Single Sign-On (SSO)?Federate your AD sign-in with the Seculyze software.
—
+€199
+€199
Segregated Infrastructure?You will have the Seculyze application running on a segregated namespace in Azure.
—
—
+€999