Launching today

Flarehawk
Monitors security tools, probes threats, + prompts action
48 followers
Your security tools generate thousands of alerts a day. How many actually get investigated? Flarehawk does it for you. Real-time threat detection, automated investigation, and one-click fixes. Our ML engine builds a model unique to your environment and gets smarter every day. 5-year log retention, SSO, Slack integration, all built-in. Starting with Cloudflare Enterprise. Now in open beta.
Flarehawk
By the way, just a quick update! While we only support Cloudflare Enterprise via Logpush for now, we are about to ship support for all Cloudflare plans via a custom Worker middleware.
Also, Microsoft 365, Google Workspace, Okta, and more ingestion connections coming in the next few days!
@ilyasesmail Congrats on your launch! What metrics do you track to measure the effectiveness of your threat monitoring?
Flarehawk
@kimberly_ross thanks for your comment! We monitor false positive rates, and do both human and AI-powered false positive detection. Our goal is for false positives to be <5% of all alerts generated, and not all alerts go on to trigger incidents, so the incident false positive should be much closer to <1%.
After we apply any remediation measures (WAF rules, rate limiting rules, etc), we monitor the traffic response in terms of actual dissipation of threat traffic, allowing for quick rollback, all through the Flarehawk dashboard.
The per-tenant ML model approach is really interesting, Ilyas. Most security tools apply the same generic rules to everyone, which is exactly why alert fatigue is such a problem — everything looks like a threat when you don't know what's normal for a specific environment. The fact that each customer gets their own baseline model that evolves over time is a strong technical moat. Starting with Cloudflare Enterprise is smart too — you're going where the security-conscious customers already are. How long does the model typically need to establish a reliable baseline for a new customer? That ramp-up period seems like it could be a key factor in onboarding experience.
Flarehawk
@roman_builder hey there. Thanks for your comment. The model warm-up takes around 15 mins to an hour, depending on how much traffic the account has, but we generally do see the Flarehawk Fabric populating within the first fifteen minutes!
Flarehawk
@shreya_srivastava17 thanks for the comment! We currently ingest logs and show analytics based on those logs, which do include more detail and granularity than you'd find in the Cloudflare dashboard for example. Part of the reason why is that we do not do log sampling, meaning we ingest, store and report on every single log.
We are building out custom monitors and custom dashboards, and I'll prioritize that in our roadmap! We're also going to announce a few more additions to help you query and analyze the data we've ingested 👀 keep an eye out!