Deep visibility, early detection, rapid response

The Countersight solution is an agile network monitoring platform, designed for rapid deployment, flexible scaling and immediate results.

Drawing on information sources from across the network the platform brings to bear flexible enrichment, alerting and anomaly detection capabilities. This allows rapid identification of suspicious activity and effective response, while reducing the impact of cybersecurity incidents in the long term.

With a focus on ease of use and built for resource-light environments, the Countersight platform is designed to adapt to your circumstances and ensure effective security, without requiring a dedicated team to run.

Powerful analysis

Countersight brings big data techniques to resource-light environments, providing a high performance analysis platform combined with flexible enrichment and intelligence integration.


High performance – using intelligent processing techniques and built on top of the proven power of Elasticsearch, the Countersight platform is made for intensive monitoring, high volume querying and in-depth analysis.

Enrichment & intelligence – easy integration of intelligence feeds and watchlists allows enrichment of the raw data, adding key context information, accelerating the detection and analysis process and reducing the effort required to obtain meaningful results.

Alerting and anomaly detection – a flexible alerting framework highlights behavioural anomalies and indicators of compromise while providing easy configuration of custom rules, allowing automation and rapid escalation of key analysis tasks.

Deep visibility

The Countersight platform is based on real-time analysis of log information, allowing it to use almost any device as a monitoring point and tap into the wealth of information available on every network.

log sample

Log centric – logs are created by almost every system on a network, they are an abundant and easily accessible information source that provide an unmatched level of insight into network activity.

Easy collection – whether forwarded over the network via syslog, or gathered through an agent, the Countersight platform allows instant ingestion of new log sources with a minimum of configuration.

Automated parsing – from web servers through to firewalls, the Countersight platform automatically parses and analyses a wide range of common log formats, with no configuration required.

Flexible, adaptable, lightweight

Designed specifically to reduce the technical barriers of entry, the Countersight platform simplifies deployment, minimises ongoing administration overhead and provides an easy adaptability for any deployment scenario.


Flexible deployment – from a rapid on-site installation using a virtual appliance, through to a fully managed cloud deployment, the Countersight platform will adapt to the circumstances and resources you have available.

Easy scaling – whether on-site or in the cloud, our solution is built to scale with a minimum of effort and without requiring a time consuming redesign or expensive re-architecture.

Simple use – our focus on core capability, combined with automation of key tasks, high value enrichment and precise analysis provides a solution that allows rapid and effective use without requiring dedicated security specialists to operate.