Detection Packages

Free detection rules for every MITRE ATT&CK technique. Upgrade to Pro for complete purple team packages.

Free

£0 /month
  • KQL detection rules (Microsoft Sentinel)
  • SPL detection rules (Splunk)
  • MITRE ATT&CK coverage matrix
  • Required data sources and tables
  • False positive guidance
Recommended

Pro

£29 /user/month
  • Everything in Free
  • Response playbooks per technique
  • Investigation guides with forensic artifacts
  • Atomic Red Team test cases
  • Bulk export (JSON, YAML, CSV)
  • REST API access

MSP Pack

£299 /month

Up to 5 tenants

  • Everything in Pro
  • Curated SMB detection bundle (35+ rules)
  • Threat-intel tagged detections (CVE & actor-linked)
  • New rules pushed as threats emerge
  • All 7 SIEM platforms (Sentinel, Splunk, Elastic, QRadar, Sumo, Chronicle, LogScale)
  • Bulk JSON download — deploy to any tenant

Enterprise

Custom

For MSSPs and SOC teams

  • Everything in Pro
  • Bulk API access for multi-tenant deployment
  • Priority support
  • Custom integrations
  • Volume licensing
  • Dedicated onboarding