Go defensive

Blue teaming

As the SOC team, it’s your responsibility to protect your business’s and clients’ most critical assets. Unfortunately, advanced threat actors are becoming ever more elusive in this rapidly changing digital landscape, and catching them requires cutting-edge detections (use-cases). Let us help you stay one step ahead of potential cyber threats by boosting your threat detection capabilities!

Building, maintaining and tuning these advanced use-cases takes time, skills and insight into the latest attack vectors. Creating these new detections is often the responsibility of already overburdened engineers who are busy following up on events or doing incident response. This status quo makes you less flexible in focusing on business priorities and may put additional stress on your workforce.

FalconForce consists of a team of security veterans with a mix of deep offensive and defensive skills. We have performed numerous red team exercises, spent years in hunting or incident response, and scripted our way through so many technology stacks we lost count. In the past years we have been using our skills to create a repository of advanced use-cases. We are ready to support you in your mission to secure your business!

How we see modern threat detection

We believe modern threat detection is an interplay between your team, an advanced SIEM/SOAR, automation and specialist external input. FalconForce can support you in a number of these important threat detection topics.

FalconForce Sentry Detect: Managed Detection Engineering

We offer a way to save your team valuable time and provide you with advanced detection content for the Microsoft Defender and Microsoft Sentinel platforms. This content is custom-made for you or taken from our repository of existing use-cases, and is based on our constant research of adversarial techniques, our offensive and defensive engagements, and collaboration with our clients. FalconForce supports you in implementing and tuning the use-cases to your environment. This will enable your team to focus on what really matters: keeping your business secure.

FalconForce Sentry Detect adds value to both MSSPs and in-house (hybrid) SOCs. We provide instant access to our growing repository of advanced detection content or can custom develop content for you.

For in-house (hybrid) SOCs we also offer additional ‘booster packages’ with a selection of proven use-cases from our repository, to kickstart or rapidly increase your detection capabilities.

Blue consultancy

Looking for expertise to enhance specific parts of your threat detection stack? FalconForce can help! We have expertise in setting up automated deployment pipelines, automating enrichment, custom detection development, BloodHound and testing your detections. Please get in touch so we can discuss what you are looking for and where we can help!

Blue teaming experience

“Great advanced detection content!”

Simon - Information Security & Risk Management @ Athora

“FalconForce’s advanced detection content has greatly boosted our detective capability in both breadth and depth. The steady stream of new, tuned and well-documented detections and discussions with FalconForce’s experts really enhance the efficiency of our team.”

Blue teaming knowledge

FalconHound, attack path management for blue teams

What does blue teaming bring you?

We protect your business

Your SOC team can use our steady stream of advanced use-cases to detect a wide variety of APT behavior in your business environment. Our use-cases detect malicious behavior that out-of-the-box endpoint protection software does not. Our support in tuning the use-cases helps your SOC team reduce false positives.

Reduce operational costs

Hiring new experts or developing expertise in-house is challenging, and ROI will take time. You can reduce those efforts by collaborating with FalconForce. Moreover, our content enables automation of deployment, and your team can chase mostly true positives.

Grow coverage faster and learn

Crafting use-cases to get good detection coverage can be time-consuming, and often takes years. Our library of advanced use-cases can help speed up the growth of coverage in your environment. Your team and FalconForce can work together to develop detection content based on shared R&D efforts, lowering the time and effort needed for new content. Moreover, this helps advance your team’s skills.
Olaf speaking

Defensive specialist @ FalconForce & Microsoft MVP

“Constantly researching threat actor behavior, building and testing advanced detections takes a lot of knowledge, skills and time. Based on FalconForce’s offensive and defensive teams we have built and are continuously improving a repository of advanced use-cases for MDE and Sentinel. Moreover, we added various smart automations for deployment and documentation to help our clients focus on what really matters.”

Our other services

Purple teaming

Looking to combine offensive and defensive professionals during collaborative sessions to boost your cyber defense capabilities? Our purple teaming exercises are just what you are looking for!

Red teaming

Want to test your cyber threat detection and response with an extensive, realistic adversarial simulation or complete TIBER exercise? Our red teaming experts are ready to put your defenses to the test.

Together. Secure. Today.

Get in touch with one of our professionals

Want to discuss your challenges in more detail or wondering what we can do for you? We are happy to meet you for a (virtual) coffee. Please get in touch!

FalconForce realizes ambitions by working closely with its customers in a methodical manner, improving their security in the digital domain.

Energieweg 3
3542 DZ Utrecht
The Netherlands

FalconForce B.V.
[email protected]
(+31) 85 044 93 34

KVK 76682307
BTW NL860745314B01