Rapid Response and Recovery

Obsidian arms incident response teams with the data and tools they need to quickly investigate, contain, and recover from breaches. With consolidated access to activity data that has been enriched with geolocation, user access, and information about known bad actors, incident responders can investigate issues, identify the root cause, and assess impact with minimal impact to production.

Rapid Access to Data across SaaS

Connect in minutes and get instant visibility to “black box” data around access to activity that has been enriched with geolocation, event type, ISPs, devices, and known bad actors.

Minimal Impact to Production

Analytics and Insights

Rapid Access to Data across SaaS

Connect in minutes and get instant visibility to “black box” data around access to activity that has been enriched with geolocation, event type, ISPs, devices, and known bad actors.

Minimal Impact to Production

Analytics and Insights

Are You An Incident Response Firm?

Use Obsidian to upgrade your capabilities in the rapidly growing area of SaaS assessments and response. Focus on building your high-margin cloud services rather than data handling. Shift the time spent from data collection and processing towards better incident response and reporting. You can use Obsidian for investigations at no cost for up to 45 days.

Obsidian partners are ready to respond to any type of cloud security incident, and offer technology, intelligence, and expertise across the security lifecycle.

Active Intrusion

Proactive Assessment

Penetration Testing

Mergers & Acquisitions

SolarWinds-SUNBURST

Free 30-Day Access for Sunburst Response

Detect, investigate, and respond to:

  • Suspicious use of service principals such as unusual activity in dormant applications
  • Anomalies and out-of-policy behavior in file downloads, OAuth applications, PowerShell execution, and account creations.
  • Privileged account creation, changes, and inapropriate activity.
  • MFA removal and attempts to login without MFA.
GET STARTED