
Take charge of your organization’s cybersecurity resilience today. Reach out to us about Wraith, the groundbreaking cybersecurity tool that enables unprecedented visibility in cross-cloud environments, empowering you to stay one step ahead of threats that were once hidden in the shadows. Wraith is your eyes across the clouds.


Why Wraith?

In the dynamic realm of cybersecurity, a robust defense is paramount. Wraith, the formidable guardian that transforms your network’s security into an impenetrable fortress, seamlessly integrates across diverse platforms, ensuring holistic visibility in multi-cloud environments, all while preserving the agility and scalability vital for modern business operations.

With Wraith, you fortify your defenses without compromise. Its advanced threat detection and real-time monitoring keep your data integrity intact, ensuring business continuity. In today’s digital battlegrounds, where threats evolve, Wraith is your essential partner for unbeatable security and visibility.

Elevate your cybersecurity with Wraith and secure your network today and tomorrow.


Hyper Focused On:

Maximum Visibility Into Your Hybrid and Multi-Cloud Environments

Wraith seamlessly detects threats from disparate platforms and cloud environments, offering organizations an unparalleled unified view. This holistic perspective enables them to delve deep into their cybersecurity posture, gaining an all-encompassing understanding that illuminates potential vulnerabilities and fortifies their defenses against the most insidious threats.

Do You Know What’s Lost In Your Cloud?

By providing real-time updates on threats across multiple platforms and cloud environments, Wraith can help organizations improve their situational awareness, allowing them to make more informed decisions about their cybersecurity strategy and response. Empower your organization to make well-informed decisions, fortifying your defenses against evolving threats with unmatched resilience.

Wraith Brochure

Learn more about Wraith with our Brochure

Educational White Paper

Take a deeper look with our White Paper

Frequently Asked Questions

What is Wraith?
What is the difference between Wraith and our Microsoft Sentinel instance?

Wraith is an integrated and tailored solution to meet your security challenges, not just another siloed tool in your security stack.

Wraith provides an engineered data pipeline that transforms ingested data into immediately valuable information. It also provides engineered data connectors for remote cloud environments that are unavailable or do not exist in the Gov Cloud, paired with engineered workbooks associated with the provided data collectors.

Wraith leverages a common data schema across different cyber terrains and environments to track threats by entity values.

Wraith provides a team and community collaboration environment, allowing operators/analysts to share threats, TTPs, analytics, and everything related to Hunt, Incident Response, and DoD DCO missions within and across the community teams.

Wraith provides an engineered secure networking solution combining SD-WAN and CASB to enable secure access from anywhere.

I already use Microsoft Sentinel; why would I need Wraith?

Wraith is an integrated and tailored solution to meet your security challenges, not just another siloed tool in your security stack.

Wraith provides an engineered data pipeline that transforms ingested data into immediately valuable information. It also provides engineered data connectors for remote cloud environments that are unavailable or do not exist in the Gov Cloud, paired with engineered workbooks associated with the provided data collectors.

Wraith leverages a common data schema across different cyber terrains and environments to track threats by entity values.

Wraith provides a team and community collaboration environment, allowing operators/analysts to share threats, TTPs, analytics, and everything related to Hunt, Incident Response, and DoD DCO missions within and across the community teams.

Wraith provides an engineered secure networking solution combining SD-WAN and CASB to enable secure access from anywhere.

Larger companies/vendors claim these capabilities too, so why wouldn’t I choose them?

Most platforms on the market today focus on agent-based telemetry, which requires installing a compute endpoint. Wraith leverages cloud API/object data, which allows insight into objects that are not of type compute.

Wraith is tailored to meet your specific environments and tool capability requirements; large platforms are not as agile as Wraith.

Wraith is DoD DCO mission-focused, designed by operators for operators, and has completed Operational Test and Evaluation (OT&E) with a positive fielding recommendation.

Other platforms offer security but not with cross-cloud or multi-terrain telemetry capabilities.

Wraith is an integrated solution based on a fungible architecture with the ability to scale to meet the mission needs, from a 2x analyst team to multiple Cyber Protection Teams or an entire SOC.

What if I don’t need the complete Wraith solution? Can I customize the deployment?

Wraith is a fungible solution that is tailorable to each mission partner.

Why Wraith?
How does Wraith save me resources (time, personnel, tool costs)?

Wraith reduces the number of security tools in your environment, which removes the need to spend on security tools and services in each environment. This removes the need to have/train an expert for each environment.

Often, Wraith can lead to cloud savings by showing analysts precisely what resources are running in the environment; it is common to identify shadow cloud resources that are no longer necessary or unapproved and can be destroyed.

Tracking threats across multiple terrains and environments allows analysts and operators to reduce the time it takes to detect and respond to threats.

Does Wraith require the deployment of agents?

No, Wraith is an agentless solution. However, not all environments and missions are the same, and when there is a need for agents, their telemetry can be ingested as part of a unified visibility. Wraith, out of the box, is integrated with the Microsoft Defender family of components (endpoint, server, cloud, and IoT).

How does Wraith enable collaboration or foster a community of hunt and detection?

Wraith provides the Collaboration & C2 node, which is available 24x7x365. This environment includes file sharing, chat services (RocketChat), documentation services (Wiki.js), and a code repository (GitLab) to allow analysts and operators from all teams to share and collaborate. We pride ourselves on our effort to foster a real community of detection.

Deploying and O&M
Does Wraith have an ATO? Is Wraith FedRAMP accredited?

Wraith is in the process of attaining an ATO and an IL4 FedRAMP accreditation.

Future iterations will be IL5, IL6 and 6+ accredited.

How hard is it to connect Wraith to my cloud environments?

It’s a simple process in most environments: a service account must be created to provide access to the log data. Wraith will leverage this account to fetch the logs on a scheduled basis.

What does Wraith integrate with for on-premises security?

Wraith has been integrated with Suricata, FortiSIEM, Zeek, Gigamon, and Syslog. (Can’t we pull from their on-prem AD and Defender clients?)

Wraith is flexible in that most integrations are accomplished in days versus weeks or months.

What environment does Wraith run in?

Yes, software tools like Suricata or Zeek and hardware capabilities like Gigamon can be used to capture and parse the raw packet data into metadata before ingestion into Analyst Workspace for presentation in Sentinel.

Where do I find training?

Our documents are probably the best place to start orienting yourself to Wraith. These can be found within the Wiki on the Collaboration and C2 node.

The vendors associated with Wraith provide full-featured training for Microsoft Azure, Sentinel, and all the related components and services. For example, the Azure training resources can be found here. (This needs the hyperlink to the MSFT training portal the ANG has access to)

Capabilities
Does Wraith have an AI/ML capability?

The initial deployment for the ANG does not, but the integration of Security Copilot or Vectra is available today.

Wraith has options for Microsoft’s Security Copilot and Vectra.
