Obsidian improved our ability to promptly identify, investigate, and completely contain account compromise. We got more value out of Obsidian in two weeks than from four years of CASB.


Chief Information Security Officer

Global Fortune 500 Retailer

The Challenge


36% of Breaches Use Compromised Tokens, Making It Harder to Detect Attackers


1-in-6 SaaS Breaches Start with Spearphishing Attacks


1-in-2 Breaches Start with SSPR, SIM Swapping, and Help Desk Social Engineering

The Obsidian Approach

CleanShot 2024-05-15 at 15.10.43@2x

Detect and stop threats in minutes

  • Benefit from ML-based algorithms to identify anomalous user behaviors¬†
  • Gain a normalized view of identities to help detect suspicious behavior across apps
  • Kickstart with out-of-the-box detection rules mapped to the MITRE ATT&CK framework¬†
  • Leverage detection rules informed by hundreds of incident response engagements
  • Customize detection rules with automated backtesting to adapt to your specific environments
Screenshot 2024-05-16 at 8.34.57 AM

Block spearphishing and token compromise

  • Prevent users from submitting credentials to phishing sites
  • Thwart AiTM frameworks like Evilginx using visual and content analysis with the Obsidian Browser Extension
  • Gain context into phishing attempts to identify high-risk users and applications
  • Create your own phishing detection rules for targeted campaigns
Screenshot 2024-05-16 at 8.35.06 AM

Accelerate incident response

  • Baseline user behavior trends to expedite alert triage
  • Gain context-enriched alerts, including user metadata, IP, geolocation, and more
  • Start with tailored remediation steps to accelerate response efficiency
  • Easily search human-readable SaaS logs to quickly pivot on IP, user, geolocation, and event type for efficient triage
  • Integrate with SIEM and SOAR platforms to automate incident response workflows

Explore Identity Security Use Cases

Stop Token Compromise

Detect and respond to Adversary-in-The-Middle (AiTM) attacks in minutes to defend against breaches.

Prevent SaaS Spearphishing

Prevent advanced SaaS phishing attacks from stealing sensitive business data.

Detect Threats Pre-Exfil

Detect and respond to attacks like SSPR and social engineering before data exfiltration.