EclecticIQ

Platform

Learn more about our full-featured intelligence, hunting, and response platform.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Master the art of cyber threat intelligence and intelligence-led cyberdefense.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

EDR for IT Security

State-of-the-art threat detection & response protection for endpoints.

XDR for IT Security (coming soon)

Flexible intelligence-led threat hunting, detection & response cybersecurity.

Intelligence Center

Curated Feeds

Hunting Packs (coming soon)

Endpoint Response

Hunting, Detection and Response (coming soon)

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to boost your threat hunting capabilities with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For IT SecOps Teams

Power your security operations team with upgraded detection & response capabilities to defend your digital operating assets with our range of intelligence-led products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Threat Hunting

Raise your threat hunting game to bring asymptomatic threats to light and proactively mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Threat Detection & Response

Improve your detection and response coverage and resiliency in the face of relentless attacks with our collection of intelligence-driven endpoint tools.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

Platform

Learn more about our full-featured intelligence, hunting, and response platform.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Master the art of cyber threat intelligence and intelligence-led cyberdefense.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

EDR for IT Security

State-of-the-art threat detection & response protection for endpoints.

XDR for IT Security (coming soon)

Flexible intelligence-led threat hunting, detection & response cybersecurity.

Intelligence Center

Curated Feeds

Hunting Packs (coming soon)

Endpoint Response

Hunting, Detection and Response (coming soon)

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to boost your threat hunting capabilities with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For IT SecOps Teams

Power your security operations team with upgraded detection & response capabilities to defend your digital operating assets with our range of intelligence-led products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Threat Hunting

Raise your threat hunting game to bring asymptomatic threats to light and proactively mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Threat Detection & Response

Improve your detection and response coverage and resiliency in the face of relentless attacks with our collection of intelligence-driven endpoint tools.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

Platform

Learn more about our full-featured intelligence, hunting, and response platform.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Master the art of cyber threat intelligence and intelligence-led cyberdefense.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

EDR for IT Security

State-of-the-art threat detection & response protection for endpoints.

XDR for IT Security (coming soon)

Flexible intelligence-led threat hunting, detection & response cybersecurity.

Intelligence Center

Curated Feeds

Hunting Packs (coming soon)

Endpoint Response

Hunting, Detection and Response (coming soon)

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to boost your threat hunting capabilities with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For IT SecOps Teams

Power your security operations team with upgraded detection & response capabilities to defend your digital operating assets with our range of intelligence-led products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Threat Hunting

Raise your threat hunting game to bring asymptomatic threats to light and proactively mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Threat Detection & Response

Improve your detection and response coverage and resiliency in the face of relentless attacks with our collection of intelligence-driven endpoint tools.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

Platform

Learn more about our full-featured intelligence, hunting, and response platform.

Packages

Discover the variety of pre-configured packages suited for your diverse use cases.

Products

Explore our modular product solutions to better protect your environment.

Services

Get the most out of your EclecticIQ cybersecurity solutions.

Academy

Master the art of cyber threat intelligence and intelligence-led cyberdefense.

Ecosystem

Explore our world-class partners – or learn about our partner program.

TIP for CTI

Power your CTI practice with analyst-centric threat intelligence solutions.

TIP for SOC

Go beyond the IOC to augment your SOC in defense of your organization.

EDR for IT Security

State-of-the-art threat detection & response protection for endpoints.

XDR for IT Security (coming soon)

Flexible intelligence-led threat hunting, detection & response cybersecurity.

Intelligence Center

Curated Feeds

Hunting Packs (coming soon)

Endpoint Response

Hunting, Detection and Response (coming soon)

nav-solutions

Learn how EclecticIQ can help you address your specific challenges – by team and by need – and improve your overall security posture.

Solutions overview

For CTI Teams

Provide your CTI team with the automation, performance, flexibility, and integrations needed to boost your threat hunting capabilities with our range of analyst-centric products and services.

For SOC Teams

Enable your SOC team to better operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For IT SecOps Teams

Power your security operations team with upgraded detection & response capabilities to defend your digital operating assets with our range of intelligence-led products and services.

For Situational Awareness

Improve your situational awareness and mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Collaboration & Dissemination

Operationalize threat intelligence for more effective and efficient incident response with our range of analyst-centric management products and services.

For Threat Hunting

Raise your threat hunting game to bring asymptomatic threats to light and proactively mitigate risk with our collection of analyst-centric threat intelligence products and services.

For Threat Detection & Response

Improve your detection and response coverage and resiliency in the face of relentless attacks with our collection of intelligence-driven endpoint tools.

Our Ecosystem

An ecosystem supporting our customers' intelligence-led proactive cybersecurity needs with collaborative partner programs delivering world-class joint solutions. 

Partner Program

Partner with EclecticIQ to bring valuable and innovative security solutions and services to end users. Open to all partner types, including technology developers, service providers, resellers, and community.

Become a Partner

Our Partnerships

We partner with the world's premier technology and solution providers to support all phases of your cybersecurity needs. Explore all our partners' solutions and offerings to build and extend your cyber defense ecosystem.

About Our Partners

EclecticIQ Resources

We are committed to increasing the knowledge and capabilities of the cybersecurity community through our research & analysis efforts and open source projects.

Take Action with CTI What is STIX and TAXII?

Browse Resources

Learn more about our technology, solutions and services, and stay updated on the cyber threat landscape with our research reports, webinars and other information.

All resources White Papers Product Descriptions

Open Source Projects

We are proud to be an active member in the open source community and to help develop and advance progress of security technology. Learn more about contributions or go directly to our GitHub page.

Open Source Projects EclecticIQ on GitHub

EclecticIQ Endpoint Response

Deep endpoint telemetry enables detection, response, and eradication of threats in support of security operations, incident response, and compliance.

EclecticIQ Endpoint Response is the most performant and cost-effective Incident Response (IR) weapon in the market. Preloaded, custom and community-driven detection rules aligned with MITRE ATT&CK framework and native YARA rules and IOC matching, fed by comprehensive data from all endpoints for accurate out-of-the-box threat reporting. The open and extensible API allows for easy integration with your existing security stack and workflow.

Why choose endpoint response?

  • Single, lightweight agent provides real-time investigation and response capability, imposes low resource overhead, and is available for Windows, macOS, and Linux
  • Access to historical forensic endpoint telemetry enables incident responders to investigate pre-deployment activity
  • Integrates into your existing security stack utilizing comprehensive API
EclecticIQ Endpoint Response Architecture

Main Capabilities

  • Comprehensive, low-impact monitoring of Windows, macOS, and Linux endpoints

    The EclecticIQ Endpoint Response osquery-based agent and Windows Extension provides analysis into file, process, users, registry, and network events for all server and workstation endpoints.

  • Unparalleled breadth of response capabilities allows for quick isolation, investigation, and remediation

    Deploy predefined or custom remediation scripts, stop processes on the endpoint, and control network settings for the endpoint leveraging the single investigation & response agent.

  • Minimize disruption in your workflow and increase analyst adoption

    No new console required. Use our comprehensive REST API to easily integrate into your existing toolchain. Implement custom functionality for your use cases. Everything you need to identify, investigate, and remediate IOCs is available through the EclecticIQ Endpoint Response API. 

Endpoint Agent Features

  • Low Footprint

    Optimized single-agent architecture using targeted collection to minimize resource usage.

    Read more

    Optimized single-agent architecture using targeted collection to minimize resource usage.

  • Anti-virus Integration and Management

    Seamless integration and management of Windows Defender AV and Microsoft Anti-Malware Scanning Interface (AMSI).

    Read more

    Seamless integration and management of Windows Defender AV and Microsoft Anti-Malware Scanning Interface (AMSI).

  • Multi-operating System Support

    Support for Windows, Linux and macOS desktops, servers and cloud workloads.

    Read more

    Support for Windows, Linux and macOS desktops, servers and cloud workloads.

  • SQL-based Live and Scheduled Queries

    Simplify endpoint investigations with easy-to-use ... Read more

    Simplify endpoint investigations with easy-to-use SQL-based live and scheduled queries.

  • Deep Forensic Visibility

    Access to historical and in-memory forensic artifacts and unmatched breath of telemetry with fine-grained control for targeted ... Read more

    Access to historical and in-memory forensic artifacts and unmatched breath of telemetry with fine-grained control for targeted collection.

  • Live Terminal

    Reduce time to response and remediation with direct access to the endpoint live terminal.

    Read more

    Reduce time to response and remediation with direct access to the endpoint live terminal.

  • Threat Detection and Compliance Engine

    Multi-variate detection capabilities based engine with anti-malware integration, rules, MITRE ATT&CK, IOC and YARA.

    Read more

    Multi-variate detection capabilities based engine with anti-malware integration, rules, MITRE ATT&CK, IOC and YARA.

  • Application Control and Blocking

    Rule-based pre-emptive threat prevention and application control.

    Read more

    Rule-based pre-emptive threat prevention and application control.

  • Advanced Response

    Pre-built and customizable response actions that work even during an active attack.

    Read more

    Pre-built and customizable response actions that work even during an active attack.

Endpoint Controller and Web Console Features

  • Fleet Management

    Enterprise-level endpoint management and configuration capabilities.

    Read more

    Enterprise-level endpoint management and configuration capabilities.

  • Telemetry Caching and Forwarding

    Configurable for optimized local or cloud storage of telemetry data to prevent duplication.

    Read more

    Configurable for optimized local or cloud storage of telemetry data to prevent duplication.

  • Alert Management and Investigations

    Reduced time for incident triage with access to contextual telemetry enrichment.

    Read more

    Reduced time for incident triage with access to contextual telemetry enrichment.

  • Multiple Detection Capabilities

    Support for standard detection formats including commercial threat feeds, YARA, ... Read more

    Support for standard detection formats including commercial threat feeds, YARA, osquery Rules, and atomic Indicators (IOCs).

  • Enterprise Hunting and Response

    Hunt for knowns and unknowns through predefined and customizable Live and Saved Queries.

    Read more

    Hunt for knowns and unknowns through predefined and customizable Live and Saved Queries.

  • MITRE ATT&CK Technique Mapping

    Detection engine aligned with the MITRE ATT&CK matrix for rapid response to varied attack ... Read more

    Detection engine aligned with the MITRE ATT&CK matrix for rapid response to varied attack techniques.

  • Cloud and On-premises Deployment

    Flexible deployment options available to support Docker, Virtual Machines, and Cloud environments.

    Read more

    Flexible deployment options available to support Docker, Virtual Machines, and Cloud environments.

Threat Intelligence Packs Features

  • Managed Detection Content

    Seamlessly manage and collaborate on detection content through the open and shareable osquery Pack format.

    Read more

    Seamlessly manage and collaborate on detection content through the open and shareable osquery Pack format.

  • Out-of-the-box Pack Library

    Large detection library for immediate identification of known malicious and suspicious behavior across the enterprise.

    Read more

    Large detection library for immediate identification of known malicious and suspicious behavior across the enterprise.

Integrations and API/SDK Features / integration into existing SOC technologies

  • SIEM Integration

    Forward alerts and telemetry data to industry leading SIEM providers.

    Read more

    Forward alerts and telemetry data to industry leading SIEM providers.

  • Intelligence Feeds

    Connect with commonly used commercial intelligence feeds to expand rapid and impactful use of CTI.

    Read more

    Connect with commonly used commercial intelligence feeds to expand rapid and impactful use of CTI.

  • API for Playbook Creation and SOAR Integration

    Extend capabilities beyond Endpoint Response with feature rich API and documented SDK.

    Read more

    Extend capabilities beyond Endpoint Response with feature rich API and documented SDK.

Learn more

Let our experts show you how to put Intelligence at the core™ of your cyberdefenses.

Get demo Contact Sales
© 2014 – 2022 EclecticIQ B.V.
EclecticIQ. Intelligence, Hunting, Response.
Get demo