Multi-tenant threat analysis · SaaS

From raw logs to
triaged findings.
In one console.

Sherlock Guard ingests your logs, CSV/JSON and CVE reports, classifies findings, enriches them with CWE/CVE context, and produces compliance-ready exports — with analyst review built in.

30-day free trial No credit card required Self-serve sign-up
Console preview
Total findings
1,284
across uploads
Critical + High
37
needs attention
Open
52
awaiting triage
Avg confidence
0.82
classifier
Findings by severityillustrative
CVE-2024-1234RCE in API · classified criticalCWE-94
Built for teams inManufacturingHealthcarePublic sectorLegalLogisticsFinance
What Sherlock Guard does

Four capabilities,
one console.

Ingest, classify, review and export — without stitching together a dozen tools.

Collection

Endpoint agent

The sgagent CLI collects logs, CSV and reports from your machines and uploads them securely.

  • Cross-platform Go agent
  • Signed self-update
  • Scheduled watch mode
Classification

Severity + CWE

Findings are classified by severity and tagged with CWE, with an AI-assisted pass and a deterministic fallback.

  • AI-assisted classification
  • Deterministic fallback
  • CWE tagging
Review

Enrichment & triage

Enrich findings with CWE/CVE context and let analysts review, triage and annotate them.

  • CWE/CVE context
  • Analyst review workflow
  • Status tracking
Reporting

Compliance exports

Produce CSV, JSON and PDF exports — with formula-injection-safe CSV — ready for audits.

  • CSV / JSON / PDF
  • Formula-safe CSV
  • Per-plan limits
How it works

Sign up, collect,
review.

No six-month rollout. Create an org, deploy the agent to inventory your hosts — or upload logs and CSV from the console — and let the worker do the first pass.

01

Sign up & create your org

Start a 30-day free trial — no card. Your tenant is provisioned with row-level isolation in Postgres.

02

Deploy the agent

Download sgagent and enrol each host with a token. It inventories that host — packages, listening services, OS/EOL — defensively, on-box only. Or upload logs and CSV from the console.

03

Classify, review, export

The worker classifies findings; analysts review and triage; you export compliance-ready reports.

sgagent · quickstart
$ sgagent register --backend $API --token $TOKEN→ registered: device 9f3a…          ok$ sgagent collect 412 packages · 31 services · OS/EOL (1.2s)$ sgagent watch --interval 300→ collecting every 5m · on-box only$ sgagent recommendations --ndjson{"action":"upgrade","pkg":"openssl"} ×3
30-day
Free trial
no credit card
CSV·JSON·PDF
Export formats
audit-ready
RLS
Tenant isolation
enforced in Postgres
minisign
Signed agent updates
verified install
Plans

Plans that grow with you.

Every plan starts with a 30-day free trial — no card. Prices are per month, billed in EUR, VAT excluded.

Plus
€49/ monthVAT excl.

For small teams getting started with real workloads.

  • 3 users
  • 200 analyses / month
  • CSV export (1,000 items)
  • API access
  • 90-day retention
  • Email support (48h)
Start free trial
Most popular
Pro
€199/ monthVAT excl.

The complete plan: more formats, watch mode, audit export.

  • 10 users
  • 2,000 analyses / month
  • CSV + JSON export
  • Scheduled watch mode
  • Audit export
  • 1-year retention
  • Email support (24h)
Start free trial
Max
€599/ monthVAT excl.

High volume, every format, custom dashboards and MSP multi-tenant.

  • Everything in Pro, plus:
  • 500 monitored assets
  • 25 analysts + unlimited viewers
  • All export formats (CSV/JSON/PDF)
  • Custom dashboard widgets
  • MSP multi-tenant
  • 2-year retention
  • Chat support
Start free trial
Just exploring? Start freeLarger or multi-tenant needs? Enterprise is custom-priced — contact us.
Ready to start?

Create your account and run your first classification in minutes.

Start free trial Already have an account? Sign in
30-day trial · no credit card required.