Rapid Response and Recovery
Obsidian arms incident response teams with the data and tools they need to quickly investigate, contain, and recover from breaches. With consolidated access to activity data that has been enriched with geolocation, user access, and information about known bad actors, incident responders can investigate issues, identify the root cause, and assess impact with minimal impact to production.
Rapid Access to Data across SaaS
Connect in minutes and get instant visibility to “black box” data around access to activity that has been enriched with geolocation, event type, ISPs, devices, and known bad actors.
Minimal Impact to Production
Analytics and Insights
Rapid Access to Data across SaaS
Connect in minutes and get instant visibility to “black box” data around access to activity that has been enriched with geolocation, event type, ISPs, devices, and known bad actors.
Minimal Impact to Production
Analytics and Insights
Are You An Incident Response Firm?
Use Obsidian to upgrade your capabilities in the rapidly growing area of SaaS assessments and response. Focus on building your high-margin cloud services rather than data handling. Shift the time spent from data collection and processing towards better incident response and reporting. You can use Obsidian for investigations at no cost for up to 45 days.
Obsidian partners are ready to respond to any type of cloud security incident, and offer technology, intelligence, and expertise across the security lifecycle.

Active Intrusion

Proactive Assessment

Penetration Testing

Mergers & Acquisitions

Free 30-Day Access for Sunburst Response
Detect, investigate, and respond to:
- Suspicious use of service principals such as unusual activity in dormant applications
- Anomalies and out-of-policy behavior in file downloads, OAuth applications, PowerShell execution, and account creations.
- Privileged account creation, changes, and inapropriate activity.
- MFA removal and attempts to login without MFA.