Your perimeter is watched. Your internal network isn't. Intrudect surfaces the reconnaissance, lateral movement, and outbound paths that firewalls and endpoint tools never see — running entirely on your own infrastructure.
Agents collect metadata and raise alerts in your environment. You work in a single central Web UI — triage, investigate, configure, done.
Passive SPAN analysis: port, ARP and DNS scans, lateral movement, DNS tunnelling and C2, rogue DHCP/DNS, unauthorized services, MISP IOC matching.
Decoy TCP/UDP services on chosen IPs and ports. Nothing should touch them — so any contact is a high-signal alert, with full PCAP captured on connection.
Runs 24/7 actively trying to reach the outside from segments that should be sealed — DNS, IPv4/IPv6, ICMP, proxy abuse. Tells you exactly which segment leaked, and how.
Regex monitoring across syslog, web, database and audit logs. SQL-injection patterns, unexpected password logins, honeyfile access — your rules, your severities.
Alert triage, search and dashboards, per-agent configuration, MFA (TOTP + YubiKey), role-based access and a full audit log. Route alerts by weekday, work hours, category and priority to Slack, Teams, Discord, e-mail, or JSON export into Elastic, Wazuh and Security Onion.
So far, every deployment has surfaced something the client didn't know was there.
Inter-network flows between segments the client believed were isolated — quietly running for months before anyone looked.
Hosts still reaching for long-deprecated endpoints — dead services, forgotten integrations, and the questions those raise.
Public endpoints forwarded straight into the workstation LAN instead of an actual DMZ — a wide-open door nobody had drawn on the map.
All detection features and integrations ship in every plan — you scale by agent count, not by unlocking capabilities. Lower tiers simply include fewer agents.
Partner and volume pricing, multi-site and SaaS-capable, with central remote updates across every deployment. And because every install surfaces real findings, each engagement writes the case for the next one — the discoveries do the selling.
Deploy on your own hardware and see what Intrudect surfaces on day one.